This week: The US Government issued a new report/alert stating cybercriminals are now targeting unpatched Pulse Secure VPN servers to install REvil (Sodinokibi) ransomware. Davey Winder, Forbes CyberSecurity reporter, shared details where the first reported vulnerabilities in the VPN on April 24, 2019 which has now bubbled up in airports and banks through Travelex, a London-based foreign currency exchange.
“The worry with the Pulse Secure VPN situation is that it may continue well into the future. There’s precedent for this happening: the 2017 EternalBlue (WannaCry) situation, for example. While this was a high profile cybersecurity case – arguably creating the most mainstream buzz in recent years with the exception of the DNC hack – the response in the business world has been inconsistent. Even today we can find servers vulnerable to this exploit, which seems unthinkable. Unless there are forced updates, the same may prove true about the Pulse Secure VPN vulnerability. Sadly, companies seem to have quite the knack for ignoring alerts and not updating.”