pulse secure

About this tag
The pulse secure tag on WindowsForum covers security advisories and threat alerts related to Pulse Connect Secure and Pulse Secure VPN products from Ivanti. Content focuses on exploitation of vulnerabilities, particularly CVE-2019-11510, an arbitrary file reading and remote code execution flaw. Discussions include CISA alerts about continued threat actor activity targeting unpatched Pulse Secure VPN appliances, affecting government agencies and critical infrastructure. Topics emphasize patching urgency, post-patching exploitation risks, and mitigation strategies for enterprise IT environments.
  1. News

    AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...
  2. News

    AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

    Original release date: April 16, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations...
  3. News

    AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

    Original release date: April 16, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update...
  4. News

    AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability

    Original release date: January 10, 2020 Summary Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become...
Back
Top