You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
pulse secure
About this tag
The pulse secure tag on WindowsForum covers security advisories and threat alerts related to Pulse Connect Secure and Pulse Secure VPN products from Ivanti. Content focuses on exploitation of vulnerabilities, particularly CVE-2019-11510, an arbitrary file reading and remote code execution flaw. Discussions include CISA alerts about continued threat actor activity targeting unpatched Pulse Secure VPN appliances, affecting government agencies and critical infrastructure. Topics emphasize patching urgency, post-patching exploitation risks, and mitigation strategies for enterprise IT environments.
Original release date: April 20, 2021
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...
Original release date: April 16, 2020 | Last revised: June 30, 2020
Summary
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations...
Original release date: April 16, 2020
Summary
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations.
This Alert provides an update...
Original release date: January 10, 2020
Summary
Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become...