Nasty VPN vulnerability used to eavesdrop on companies across the globe

security
Image Credit: Pixabay (Image credit: Pixabay)

Governments and financial organizations around the world have been targeted by an espionage campaign allegedly linked to Chinese state-sponsored actors.

Earlier this week, American cybersecurity firm Ivanti acknowledged a flaw in its Pulse Connect Secure VPN devices that had allowed bad actors to move into the systems of “a very limited number of customers".

At the moment, there are no patches for the Pulse Connect Secure suite flaw, but mitigations have been put in place. The company expects a patch to be released next month.

The flaw has been active for “months”, it was said, and a separate report from experts at FireEye suggests two distinct groups have been using it to eavesdrop on western businesses and government entities.

FireEye also said at least one of the groups “operates on behalf of the Chinese government”, but did not reveal the identity of the attackers, nor victims.

"The other one we suspect is aligned with China-based initiatives and collections," said Charles Carmakal, SVP at Mandiant, FireEye’s cybersecurity arm.

Similar attack pattern

China has denied all allegations, with the country’s US embassy claiming it "firmly opposes and cracks down on all forms of cyber attacks". Officials described FireEye's insinuations as "irresponsible and ill-intentioned."

FireEye, on the other hand, has based its conclusions on the tactics, tools, infrastructure and targets, all of which were strikingly similar to previous attacks linked to China. 

The Department of Homeland Security was brief in its statement, saying it is working with Ivanti "to better understand the vulnerability in Pulse Secure VPN devices and mitigate potential risks to federal civilian and private sector networks".

Further details are scarce, but Carmakal did add that the attackers were working from American infrastructure, borrowing the naming conventions of their victims to help them hide in plain sight.

Via: Reuters

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
vpn
Ivanti warns another critical security flaw is being attacked
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
China-linked cyberespionage group PlushDaemon used South Korean VPN service to inject malware
China
Juniper patches security flaws which could have let hackers take over your router
China
Chinese hackers targeting Juniper Networks routers, so patch now
China
Chinese hackers develop effective new hacking technique to go after business networks
Flag of the People's Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
Latest in VPN Privacy & Security
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address
What does your IP address reveal about you?
A stethoscope next to a laptop on a pink background
How to check if your VPN is working
Teenager playing on a gaming PC with two monitors
Is using a VPN while gaming cheating? 5 myths you shouldn't believe about gaming with a VPN
Neon blue email symbols on a black background
Why am I suddenly getting so many spam emails?
A computer file surrounded by red laser beams
Cover your tracks: the risk of sending unencrypted files
Using an Amazon Fire Stick on a Smart TV
How to use a VPN with Fire Stick
Latest in News
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why