Android Phones Vulnerable Due To Pulse Secure VPN
Hackers are exploiting existing vulnerabilities in Pulse Secure VPN and Android Phones. The flaw tracked as CVE-2019-1150, has been rated ‘Highly’ critical. This arbitrary read file vulnerability affects multiple versions of Pulse Connect Secure and Pulse Policy Secure. This flaw allows remote attackers to connect via HTTPS to an enterprise network without the requirement of any valid username or password.
Attackers can use the flaw to view logs and files, turn-off multifactor authentication, download arbitrary files and execute malicious code on enterprise networks.
Good News is Pulse Secure has released a security update to address the issue and users are urged to apply the patches immediately to mitigate such attacks.
- Tackling Shadow IT: The Unseen Network Security Risk
- How to Spot and Report Cybercrime Effectively
- IT Management Strategies For Startups
- 3 Common Mistakes in IT Operations You Can’t Afford to Make
- How Generative AI Impacts Email Security
Loading ...