The hacker posted the passwords of more than 900 corporate VPN servers

The hacker posted the passwords of more than 900 corporate VPN servers

The hacker posted the passwords of more than 900 corporate VPN servers

The list is published on a Russian hacker forum, which is frequented BY rent-seeking operators. Hacker published on an underground Russian forum a list of usernames and user passwords, and IP addresses for more than 900 enterprise server Pulse Secure VPN.

The hacker posted the passwords of more than 900 corporate VPN servers, image # 1

According to the publication ZDNet, affirming the authenticity of the data, the list includes the IP address of the server Pulse Secure VPN, information about firmware version of the Pulse Secure VPN servers, the SSH keys for each server, a list of all local users and their password hashes, the data administrator account, cookies, session VPN, etc.



The list found by the analyst, using the alias Bank Security, which specializiruetsya on financial crimes. As the expert noted, all included in the list of VPN server Pulse Secure use firmware version that contains the vulnerability CVE-2019-11510.

The expert believes that the hacker scanned the Network for vulnerable servers, juniper Pulse VPN, proekspluatirovat, CVE-2019-11510 to access the system, and then stole the data from the server and put all that information in a single repository.

As noted by the publication, the list was published on a hacker forum, which is frequented BY rent-seeking operators. For example REvil (Sodinokibi), NetWalker, Lockbit, Avaddon, Makop Exorcist and communicate on this forum and use it for the recruitment of developers and finding customers.



Source https://www.securitylab.ru/news/510844.php

ORIGINAL PAGE – Go to open the original article


38 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: