More than 900 VPN Passwords Leaked by Hacker


A list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers, has been published on a Russian-speaking hacker forum frequented by multiple ransomware gangs. 

According to a threat intelligence analyst, the list includes: 

  • IP addresses of Pulse Secure VPN servers 
  • Pulse Secure VPN server firmware version 
  • SSH keys for each server 
  • A list of all local users and their password hashes 
  • Admin account details 
  • Last VPN logins (including usernames and cleartext passwords) 
  • VPN session cookies 

Read more about the leak here. 

Check out these relevant resources.

New Survey Finds...

Active Directory forest recovery not taken serious enough. See what else your peers had to say.