5 years ago
Unpatched VPN makes Travelex latest victim of “REvil” ransomware
In April of 2019, Pulse Secure issued an urgent patch to a vulnerability in its popular corporate VPN software—a vulnerability that not only allowed remote attackers to gain access without a username or password but also to turn off multi-factor authentication and view logs, usernames, and passwords cached by the VPN server in plain text. Now, a cybercriminal group is using that vulnerability to target and infiltrate victims, steal data, and plant ransomware.
Continue Reading
https://arstechnica.com
Join the Discussion