We started to review Pulse Secure in mid-December last year. However, Google applies the Zero Trust security model, and therefore the VPN is removed now. Pulse Secure has been in our research queue for a long time because it was a critical infrastructure of Google, which is one of our long-term targets. Pulse Secure is the market leader of SSL VPN which provides professional secure access solutions for Hybrid IT. So, if you haven’t updated your Palo Alto, Fortinet or Pulse Secure SSL VPN, please update it ASAP! About Pulse Secure An intelligence also points out that there is already a China APT group exploiting this bug. On the other hand, the bad part is that there is an increasing number of botnets scanning the Internet in the meanwhile. So, these premature public disclosures indeed force these entities to upgrade their SSL VPN, this is the good part. There are even 10 NASA servers exposed for this bug. military, governments, financial institutions and universities are also affected by this. From the statistics of Bad Packet, numerous Fortune 500, U.S. We heard about more than 25 bug bounty programs are exploited. But it’s indeed a worth discussing question to the security community: if you have a nuclear level weapon, when is it ready for public disclosure? Honestly, we couldn’t say they are wrong, because the bugs are absolutely fixed several months ago, and they spent their time differing/reversing/reproducing. They can be easily found on GitHub and exploit-db. Unfortunately, the exploits were revealed by someone else. So we decided to postpone the public disclosure to give the world more time to apply the patches! However, as a SECURITY firm, our responsibility is to make the world more secure. Actually, we could simply drop the whole exploits without any concern and acquire plenty of media exposures. Many people desire first-hand news and wonder when the exploit(especially the Pulse Secure preAuth one) will be released.
0 Comments
Leave a Reply. |