FBI Alert ac-000112-tt TLP Green: Unidentified Cyber Actors Exploit Pulse Secure VPN Vulnerability
FBI Alert ac-000112-tt TLP Green: Unidentified Cyber Actors Exploit Pulse Secure VPN Vulnerability to Gain Access to Unprotected Networks
TLP Green
January 8, 2020
Since August 2019, unidentified cyber actors have used a Pulse Secure VPN Vulnerability CVE-2019-11510, which was disclosed this past summer, to exploit notable US entities. In August 2019, cyber actors gained unauthorized access to a US financial entity’s research network using CVE-2019-11510. In mid August 2019, a US municipal government network was also compromised using the same vulnerability. Due to the sophistication of the compromise and Tactics, Techniques, and Procedures (TTPs) utilized, the FBI believes unidentified nation-state actors are involved in both compromises; however, it remains unclear if these are isolated incidents. Open source reporting indicates that several identified nation-state groups are actively targeting this vulnerability.