A hacker has published today a list of plaintext usernames and passwords for more than 900 Pulse Secure VPN enterprise server

numike

Level 1
Thread author
Verified
Nov 1, 2018
45
A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
From the list, it appears that the 677 companies didn't patch since Bad Packets' first scan last year, and the June 2020 scans carried out by the hacker.

Even if those companies patch their Pulse Secure servers, they also need to change passwords to avoid hackers abusing the leaked credentials to take over devices and then spread to their internal networks. This is very important, as Pulse Secure VPN servers are usually employed as access gateways into corporate networks so staff can connect remotely to internal apps from across the internet. These types of devices, if compromised, can allow hackers easy access to a company's entire internal network

A few more previous news about the issue :
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top