Breaking News

More than 900 VPN Passwords Leaked by Hacker

August 6, 2020

A list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers, has been published on a Russian-speaking hacker forum frequented by multiple ransomware gangs.

According to a threat intelligence analyst, the list includes:

IP addresses of Pulse Secure VPN servers
Pulse Secure VPN server firmware version
SSH keys for each server
A list of all local users and their password hashes
Admin account details
Last VPN logins (including usernames and cleartext passwords)
VPN session cookies

Check out these relevant resources.

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Microsoft Releases Over 100 Updates in Patch Tuesday for January 2022 The January security updates from the Redmond-based software giant cover security defects in a

ManageEngine Zero-Day Flaw Actively Being Exploited

FBI Warns: APT Groups Exploiting Critical Vulnerability in ManageEngine Software Earlier this month, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint

FBI & CISA Warning: ManageEngine Flaw Poses Serious Risk

APT Actors Exploit Vulnerability in ManageEngine ADSelfService Plus Reports confirm a critical security vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on