Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day flaw that won't be patched until next month.
On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.
"There is a new issue, discovered this month, that impacted a very limited number of customers," said Phil Richards, chief security officer at Pulse Secure, in a memo to the world. "The team worked quickly to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system."
Richards said Ivanti, based in Utah, ha ..
Support the originator by clicking the read the rest link below.
