all InfoSec news
Flatlined: Analyzing Pulse Secure Firmware and Bypassing Integrity Checking
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
We’ve recently seen a series of sophisticated attacks targeting Ivanti Pulse Secure VPN appliances, underscoring the challenges surrounding the protection of IT infrastructure such as network devices. The nation-state group UNC5221 exploited these vulnerabilities as far as Dec. 3, 2023, but they are now under mass exploitation by several groups. Together, these vulnerabilities emphasize the inherent weaknesses within network security devices—ironic, as these products are meant to improve an organization’s security posture. As part of our reverse engineering …
attacks bypassing challenges dec devices exploitation exploited far firmware infrastructure integrity introduction it infrastructure ivanti nation network network devices protection pulse pulse secure pulse secure vpn secure vpn series state targeting under vpn vulnerabilities