The vulnerability named CVE-2019-1150 has affected Pulse VPN’s network and is regarded as highly ‘severe.’ Whereas vulnerability named CVE-2019-2215 targets unpatched android smartphones.
As we all know, in the world of cybersecurity, it becomes highly unsafe when the hackers target unpatched devices and systems as they can have terrible consequences. Recently, it has become a trend among hackers to target unpatched Android smartphones. Attackers were also found exploiting the flaws in Pulse Secure VPN in an attempt to compromise the cybersecurity of various organizations and individuals.
The flaw in Pulse Secure VPN
According to Kevin Beaumont, who is a Uk based cybersecurity expert, the assertion that ‘Revil’ is big-time ransomware and at least 2 companies are affected after the hackers exploited the vulnerability in Pulse Secure’s VPN flaw.
Many hackers are now exploiting this flaw to launch ransomware attacks. As per the latest information, the organization that is said to be affected by this cyber attack is a currency exchange and travel insurance company ‘Travelex.’ According to cybersecurity experts, the attack was launched using the Revil ransomware. The consequences of this cyberattack compelled Travelex to shut down all of its online mode of operations.
As a result, the company shut down its system offline and had to manually operate its nationwide branches.
The vulnerability known as CVE-2019-1150 is regarded as highly ‘hazardous’ by the cybersecurity experts. CVE-2019-1150, an uncertain read data vulnerability attacks different versions of Pulse Secure VPN named Pulse Connect Secure and Pulse Policy Secure. The vulnerability allows hackers access to Https and connects the hackers to the company’s network without the hackers having to enter login credentials such as id and password. By exploiting this vulnerability, hackers can view confidential files, download files, and launch various malicious codes to disrupt the company’s entire network.
Pulse Secure VPN had released a security patch last year in April, and the users are requested to update to the latest security patch.
The flaw in Android Devices
Hacking group ‘SideWinder APT’ exploited vulnerabilities via 3 apps in the Google play store named as Camera, FileCrypt, and CallCam. “These apps may be attributed to SideWinder as the C&C servers it uses are suspected to be part of SideWinder’s infrastructure. Also, a URL linking to one of the apps’ Google Play pages is found on one of the C&C servers,” says Trend Micro cybersecurity experts.