The hacker posted the passwords of more than 900 corporate VPN servers
The list is published on a Russian hacker forum, which is frequented BY rent-seeking operators. Hacker
According to the publication ZDNet, affirming the authenticity of the data, the list includes the IP address of the server Pulse Secure VPN, information about firmware version of the Pulse Secure VPN servers, the SSH keys for each server, a list of all local users and their password hashes, the data administrator account, cookies, session VPN, etc.
The list found by the analyst, using the alias Bank Security, which specializiruetsya on financial crimes. As the expert noted, all included in the list of VPN server Pulse Secure use firmware version that contains the vulnerability CVE-2019-11510.
The expert believes that the hacker scanned the Network for vulnerable servers, juniper Pulse VPN, proekspluatirovat, CVE-2019-11510 to access the system, and then stole the data from the server and put all that information in a single repository.
As noted by the publication, the list was published on a hacker forum, which is frequented BY rent-seeking operators. For example REvil (Sodinokibi), NetWalker, Lockbit, Avaddon, Makop Exorcist and communicate on this forum and use it for the recruitment of developers and finding customers.
ORIGINAL PAGE –