New Delhi, Aug 5 (SocialNews.XYZ) A Russian hacker has published passwords of over 900 enterprise VPN servers on a hacking forum visited by several ransomware groups, putting them at risk.
Even if those companies patch their VPN servers now, they need to change passwords to avoid hackers abusing the leaked credentials to take over devices and then spread to their internal networks, reports ZDNet.
The list of plaintext usernames and passwords includes 913 IP addresses of 'Pulse Secure' VPN servers.
All the 'Pulse Secure' VPN servers were running a firmware version vulnerable to the 'CVE-2019-11510' vulnerability.
The threat intelligence analyst Bank Security said the hacker used an exploit for the 'CVE-2019-11510' vulnerability to gain access to systems, dump server details (including usernames and passwords), and then collected all the information in one central repository.
The 'Pulse Secure' VPN servers are usually employed as access gateways into corporate networks so staff can connect remotely to internal apps from across the internet.
"These types of devices, if compromised, can allow hackers easy access to a company's entire internal network," said the report.
The list has been shared on a hacker forum that is frequented by multiple ransomware groups who break into corporate networks by leveraging network edge devices and ask for huge ransom demands.
The companies, whose names were not revealed in the report, "have to patch their Pulse Secure VPNs and change passwords with the utmost urgency".
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz