Maxime Thiebaut<p>We're still discovering further ramifications to <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ivanti</span></a>'s <a href="https://infosec.exchange/tags/PulseSecure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PulseSecure</span></a> vulnerabilities (<a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2023_46805</span></a> & <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_21887</span></a>). In February, we identified two new backdoors: <a href="https://infosec.exchange/tags/SparkCockpit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SparkCockpit</span></a> & <a href="https://infosec.exchange/tags/SparkTar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SparkTar</span></a>. Both backdoors employ selective interception of TLS communication, offer multiple degrees of persistence and access possibilities into the victim network (e.g., traffic tunneling through SOCKS proxy).</p><p>👀 Analysis & detection rules at <a href="https://blog.nviso.eu/2024/03/01/covert-tls-n-day-backdoors-sparkcockpit-sparktar/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.nviso.eu/2024/03/01/cover</span><span class="invisible">t-tls-n-day-backdoors-sparkcockpit-sparktar/</span></a></p><p>The findings of our investigation have been independently corroborated by the research performed by Mandiant and have partially been observed by Fortinet.</p><p><a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>reverseengineering</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
schleuss.online is one of the many independent Mastodon servers you can use to participate in the fediverse.
This instance has a focus on IT security, general computing, retro video games and game collector discussion. Please, no #NSFW and other 18+ discussion on this instance. See rules for more details
Administered by:
Server stats:
11active users
schleuss.online: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#pulsesecure
0 posts · 0 participants · 0 posts today
IT News<p>Hackers are exploiting a Pulse Secure 0day to breach orgs around the world - Enlarge (credit: CHUYN / Getty Images) <br />Hackers backed by nation-states are expl... - <a href="https://arstechnica.com/?p=1758789" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1758789</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/exploits" class="mention hashtag" rel="tag">#<span>exploits</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="tag">#<span>biz</span></a>&it <a href="https://schleuss.online/tags/policy" class="mention hashtag" rel="tag">#<span>policy</span></a> <a href="https://schleuss.online/tags/tech" class="mention hashtag" rel="tag">#<span>tech</span></a> <a href="https://schleuss.online/tags/vpns" class="mention hashtag" rel="tag">#<span>vpns</span></a></p>
ITSEC News<p>Feds Hit with Successful Cyberattack, Data Stolen - The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit. <a href="https://threatpost.com/feds-cyberattack-data-stolen/159541/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">threatpost.com/feds-cyberattac</span><span class="invisible">k-data-stolen/159541/</span></a> <a href="https://schleuss.online/tags/microsoftoffice365credentials" class="mention hashtag" rel="tag">#<span>microsoftoffice365credentials</span></a> <a href="https://schleuss.online/tags/dataexfiltration" class="mention hashtag" rel="tag">#<span>dataexfiltration</span></a> <a href="https://schleuss.online/tags/federalagency" class="mention hashtag" rel="tag">#<span>federalagency</span></a> <a href="https://schleuss.online/tags/inetinfo" class="mention hashtag" rel="tag">#<span>inetinfo</span></a>.exe <a href="https://schleuss.online/tags/cyberattack" class="mention hashtag" rel="tag">#<span>cyberattack</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/spycampaign" class="mention hashtag" rel="tag">#<span>spycampaign</span></a> <a href="https://schleuss.online/tags/government" class="mention hashtag" rel="tag">#<span>government</span></a> <a href="https://schleuss.online/tags/cisaalert" class="mention hashtag" rel="tag">#<span>cisaalert</span></a> <a href="https://schleuss.online/tags/espionage" class="mention hashtag" rel="tag">#<span>espionage</span></a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="tag">#<span>malware</span></a> <a href="https://schleuss.online/tags/exploit" class="mention hashtag" rel="tag">#<span>exploit</span></a> <a href="https://schleuss.online/tags/hacks" class="mention hashtag" rel="tag">#<span>hacks</span></a></p>
IT News<p>Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere - Enlarge (credit: Bid.in2corporate.com) <br />Organizations that have yet to install the latest version ... - <a href="https://arstechnica.com/?p=1701334" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1701334</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/virtualprivatenetworks" class="mention hashtag" rel="tag">#<span>virtualprivatenetworks</span></a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> <a href="https://schleuss.online/tags/codeexecution" class="mention hashtag" rel="tag">#<span>codeexecution</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="tag">#<span>biz</span></a>&it <a href="https://schleuss.online/tags/tech" class="mention hashtag" rel="tag">#<span>tech</span></a> <a href="https://schleuss.online/tags/bugs" class="mention hashtag" rel="tag">#<span>bugs</span></a> <a href="https://schleuss.online/tags/vpns" class="mention hashtag" rel="tag">#<span>vpns</span></a></p>
ITSEC News<p>Top 10 most exploited vulnerabilities list released by FBI, DHS CISA - The agencies say it's vital to prioritize patching. Otherwise, we're making it easy for attackers ... more: <a href="https://nakedsecurity.sophos.com/2020/05/15/top-10-most-exploited-vulnerabilities-list-released-by-fbi-dhs-cisa/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">nakedsecurity.sophos.com/2020/</span><span class="invisible">05/15/top-10-most-exploited-vulnerabilities-list-released-by-fbi-dhs-cisa/</span></a> <a href="https://schleuss.online/tags/objectlinkingandembedding" class="mention hashtag" rel="tag">#<span>objectlinkingandembedding</span></a> <a href="https://schleuss.online/tags/vulnerabilitylist" class="mention hashtag" rel="tag">#<span>vulnerabilitylist</span></a> <a href="https://schleuss.online/tags/securitythreats" class="mention hashtag" rel="tag">#<span>securitythreats</span></a> <a href="https://schleuss.online/tags/vulnerability" class="mention hashtag" rel="tag">#<span>vulnerability</span></a> <a href="https://schleuss.online/tags/apachestruts" class="mention hashtag" rel="tag">#<span>apachestruts</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/adobeflash" class="mention hashtag" rel="tag">#<span>adobeflash</span></a> <a href="https://schleuss.online/tags/sharepoint" class="mention hashtag" rel="tag">#<span>sharepoint</span></a> <a href="https://schleuss.online/tags/office365" class="mention hashtag" rel="tag">#<span>office365</span></a> <a href="https://schleuss.online/tags/exploits" class="mention hashtag" rel="tag">#<span>exploits</span></a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="tag">#<span>malware</span></a> <a href="https://schleuss.online/tags/citrix" class="mention hashtag" rel="tag">#<span>citrix</span></a> <a href="https://schleuss.online/tags/drupal" class="mention hashtag" rel="tag">#<span>drupal</span></a> #.net <a href="https://schleuss.online/tags/cisa" class="mention hashtag" rel="tag">#<span>cisa</span></a> <a href="https://schleuss.online/tags/ole" class="mention hashtag" rel="tag">#<span>ole</span></a> <a href="https://schleuss.online/tags/vpn" class="mention hashtag" rel="tag">#<span>vpn</span></a></p>
ITSEC News<p>DHS Urges Pulse Secure VPN Users To Update Passwords - The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure V... more: <a href="https://threatpost.com/dhs-urges-pulse-secure-vpn-users-to-update-passwords/154925/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">threatpost.com/dhs-urges-pulse</span><span class="invisible">-secure-vpn-users-to-update-passwords/154925/</span></a> <a href="https://schleuss.online/tags/credentialpassword" class="mention hashtag" rel="tag">#<span>credentialpassword</span></a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> <a href="https://schleuss.online/tags/pulsesecurevpn" class="mention hashtag" rel="tag">#<span>pulsesecurevpn</span></a> <a href="https://schleuss.online/tags/criticalflaw" class="mention hashtag" rel="tag">#<span>criticalflaw</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/password" class="mention hashtag" rel="tag">#<span>password</span></a> <a href="https://schleuss.online/tags/hacks" class="mention hashtag" rel="tag">#<span>hacks</span></a> <a href="https://schleuss.online/tags/cisa" class="mention hashtag" rel="tag">#<span>cisa</span></a> <a href="https://schleuss.online/tags/dhs" class="mention hashtag" rel="tag">#<span>dhs</span></a></p>
IT News<p>As attacks begin, Citrix ships patch for VPN vulnerability - Enlarge (credit: Igor Golovniov/SOPA Images/LightRocket via Getty Images) <br />On January 19, Citrix r... more: <a href="https://arstechnica.com/?p=1645999" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1645999</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="tag">#<span>ransomware</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="tag">#<span>biz</span></a>&it <a href="https://schleuss.online/tags/policy" class="mention hashtag" rel="tag">#<span>policy</span></a> <a href="https://schleuss.online/tags/citrix" class="mention hashtag" rel="tag">#<span>citrix</span></a></p>
IT News<p>Unpatched Citrix vulnerability now exploited, patch weeks away - Enlarge / Citrix's ADC and Gateway products have a vulnerability that now has several exploits wide... more: <a href="https://arstechnica.com/?p=1643051" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1643051</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/virtualprivatenetworksvpns" class="mention hashtag" rel="tag">#<span>virtualprivatenetworksvpns</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/webhack" class="mention hashtag" rel="tag">#<span>webhack</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="tag">#<span>biz</span></a>&it <a href="https://schleuss.online/tags/citrix" class="mention hashtag" rel="tag">#<span>citrix</span></a></p>
IT News<p>Unpatched VPN makes Travelex latest victim of “REvil” ransomware - Enlarge / It may take longer to get your money changed when you travel, since Travelex is doing eve... more: <a href="https://arstechnica.com/?p=1640787" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1640787</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="tag">#<span>ransomware</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="tag">#<span>biz</span></a>&it <a href="https://schleuss.online/tags/revil" class="mention hashtag" rel="tag">#<span>revil</span></a> <a href="https://schleuss.online/tags/vpn" class="mention hashtag" rel="tag">#<span>vpn</span></a></p>
ITSEC News<p>REvil ransomware exploiting VPN flaws made public last April - Researchers report flaws, vendors issue patches, organisations apply them - and everyone lives hap... more: <a href="https://nakedsecurity.sophos.com/2020/01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">nakedsecurity.sophos.com/2020/</span><span class="invisible">01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/</span></a> <a href="https://schleuss.online/tags/badpacketsreport" class="mention hashtag" rel="tag">#<span>badpacketsreport</span></a> <a href="https://schleuss.online/tags/securitythreats" class="mention hashtag" rel="tag">#<span>securitythreats</span></a> <a href="https://schleuss.online/tags/vulnerability" class="mention hashtag" rel="tag">#<span>vulnerability</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="tag">#<span>ransomware</span></a> <a href="https://schleuss.online/tags/sodinokibi" class="mention hashtag" rel="tag">#<span>sodinokibi</span></a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="tag">#<span>malware</span></a> <a href="https://schleuss.online/tags/revil" class="mention hashtag" rel="tag">#<span>revil</span></a> <a href="https://schleuss.online/tags/vpn" class="mention hashtag" rel="tag">#<span>vpn</span></a></p>
ITSEC News<p>Sodinokibi Ransomware Behind Travelex Fiasco: Report - Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the c... more: <a href="https://threatpost.com/sodinokibi-ransomware-travelex-fiasco/151600/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">threatpost.com/sodinokibi-rans</span><span class="invisible">omware-travelex-fiasco/151600/</span></a> <a href="https://schleuss.online/tags/foreigncurrencyexchange" class="mention hashtag" rel="tag">#<span>foreigncurrencyexchange</span></a> <a href="https://schleuss.online/tags/unpatchedservers" class="mention hashtag" rel="tag">#<span>unpatchedservers</span></a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> <a href="https://schleuss.online/tags/cve" class="mention hashtag" rel="tag">#<span>cve</span></a>-2019-11510 <a href="https://schleuss.online/tags/cve" class="mention hashtag" rel="tag">#<span>cve</span></a>-2019-11539 <a href="https://schleuss.online/tags/cyberattack" class="mention hashtag" rel="tag">#<span>cyberattack</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="tag">#<span>ransomware</span></a> <a href="https://schleuss.online/tags/sodinokibi" class="mention hashtag" rel="tag">#<span>sodinokibi</span></a> <a href="https://schleuss.online/tags/travelex" class="mention hashtag" rel="tag">#<span>travelex</span></a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="tag">#<span>malware</span></a> <a href="https://schleuss.online/tags/vpn" class="mention hashtag" rel="tag">#<span>vpn</span></a></p>
ITSEC News<p>Authentication Bypass Bug Hits Top Enterprise VPNs - Business users of Cisco, F5 Networks, Palo Alto Networks and Pulse Secure platforms are impacted, ... more: <a href="https://threatpost.com/authentication-bypass-bug-enterprise-vpns/143781/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">threatpost.com/authentication-</span><span class="invisible">bypass-bug-enterprise-vpns/143781/</span></a> <a href="https://schleuss.online/tags/authenticationbypass" class="mention hashtag" rel="tag">#<span>authenticationbypass</span></a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> <a href="https://schleuss.online/tags/cookiestorage" class="mention hashtag" rel="tag">#<span>cookiestorage</span></a> <a href="https://schleuss.online/tags/vulnerability" class="mention hashtag" rel="tag">#<span>vulnerability</span></a> <a href="https://schleuss.online/tags/websecurity" class="mention hashtag" rel="tag">#<span>websecurity</span></a> <a href="https://schleuss.online/tags/pulsesecure" class="mention hashtag" rel="tag">#<span>pulsesecure</span></a> <a href="https://schleuss.online/tags/encryption" class="mention hashtag" rel="tag">#<span>encryption</span></a> <a href="https://schleuss.online/tags/paloalto" class="mention hashtag" rel="tag">#<span>paloalto</span></a> <a href="https://schleuss.online/tags/patches" class="mention hashtag" rel="tag">#<span>patches</span></a> <a href="https://schleuss.online/tags/cisco" class="mention hashtag" rel="tag">#<span>cisco</span></a> <a href="https://schleuss.online/tags/vpns" class="mention hashtag" rel="tag">#<span>vpns</span></a> <a href="https://schleuss.online/tags/f5" class="mention hashtag" rel="tag">#<span>f5</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload