Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since ...

This Alert provides an update to Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability, which advised organizations to ...

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...

And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is ...

In a blog post, Pulse Secure said the newly discovered flaw affects a "very limited number of customers" and that a more permanent software update to address that vulnerability will be issued in early ...

Suspected Chinese state-sponsored hackers used vulnerabilities in Pulse Secure VPN appliances to infiltrate dozens of U.S. government agencies, defense contractors, and private companies, according to ...

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax ...

Storm-2561 is relying on SEO poisoning to distribute fake VPN clients that install trojans and steal users’ credentials.

The high-severity vulnerabilities impact Ivanti’s Connect Secure VPN and do not yet have a patch available. Ivanti disclosed Wednesday that a pair of high-severity, zero-day vulnerabilities impacting ...

Virtual private networks (VPNs), which have become essential for many organizations that provide remote employees with access to private networks since the pandemic's onset, are a popular target for ...

Pulse Secure today announced new features to its Network Access Control (NAC) solution, Pulse Policy Secure (PPS), that enhance endpoint and IoT device visibility, compliance, remediation, and threat ...