Mass scanning for Pulse Secure VPN servers

A brief security information for administrators of Pulse Secure VPN servers. A mass scan of the Internet for Pulse Secure VPN servers has been running for several hours.


Advertising

I just found the information on Twitter. The scan starts from IP 5.101.181.111 and searches for attackable Pulse Secure VPN servers.

At the end of August, I briefly reported on the vulnerability in these products in my blog post Attacks on unpatched Pulse Secure and Fortinet SSL VPNs. The vulnerability CVE-2019-11510 allows attackers to read private keys and user passwords. The vendors released vulnerability updates months ago. So if you administer such a server and haven't patched it yet, you should do so as soon as possible.


Advertising

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).