Pulse Secure Says Majority of Customers Patched Exploited Vulnerability August 29, 2019 https://www.securityweek.com/pulse-secure-says-majority-customers-patched-exploited-vulnerability
Active exploitation of VPN vulnerabilities September 17, 2019 https://cyber.gc.ca/en/alerts/active-exploitation-vpn-vulnerabilities-0
Seems to be quite a serious flaw, these guys were able to hack Twitter's intranet: https://blog.orange.tw/2019/09/attacking-ssl-vpn-part-3-golden-pulse-secure-rce-chain.html
7 Ways VPNs Can Turn from Ally to Threat https://www.darkreading.com/cloud/7-ways-vpns-can-turn-from-ally-to-threat/d/d-id/1335833
Hundreds of Dutch companies with unpatched Fortigate-VPN. At the moment I don't have links in English. Articles in Dutch: https://nos.nl/artikel/2303866-opnieuw-groot-risico-door-beveiligingslek-bij-thuiswerksysteem.html https://www.nu.nl/tech/6000030/hond...ven-kwetsbaar-door-gevaarlijk-lek-in-vpn.html This evening there will be a Dutch radio broadcast telling more: "Reporter Radio". According to the above articles Reporter Radio did research together with ESET NL. (At the moment I cannot find articles about it at the Reporter Radio site nor at the ESET site(s)) According to the articles: They found that there are almost 900 Dutch companies who are using unpatched Fortigate-VPN although the Dutch NCSC (National Cyber Security Centre) has warned about it.
NCSC Alert Vulnerabilities exploited in VPN products used worldwide APTs are exploiting vulnerabilities in several VPN products used worldwide October 2, 2019 https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities
Big Game Ransomware being delivered to organisations via Pulse Secure VPN January 4, 2020 https://doublepulsar.com/big-game-r...ganisations-via-pulse-secure-vpn-bd01b791aad9
But it isn't it true that so called EDR systems should be able to block this stuff. I keep reading about how hackers are able to login and disable security software, but EDR should be able to alert about security software being disabled on machines. And it should also be able to spot ransomware activity and disconnect the infected machines from the network. https://blog.devolutions.net/2019/08/what-is-edr-and-why-do-you-need-it
FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw January 17, 2020 https://www.bleepingcomputer.com/ne...s-hacked-us-govt-network-with-pulse-vpn-flaw/
Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs November 22, 2020 https://www.bleepingcomputer.com/ne...its-for-over-49-000-vulnerable-fortinet-vpns/
NCSC Alert Alert: Critical risk to unpatched Fortinet VPN devices December 8, 2020 https://www.ncsc.gov.uk/news/critical-risk-unpatched-fortinet-vpn-devices