HC3 Threat Briefing TLP White - Pulse Secure VPN Servers Leak: Incident Case Study

August 27, 2020

If your organization uses Pulse Secure VPN, ensure that you have patched this vulnerability by updating to

• Version 8.2R12.1 or later
• Version 8.3R7.1 or later
• Version 9.0R3.4 or later

Patches for this vulnerability were published in April 2019 and are available through the Pulse Secure Download Center at https://my.pulsesecure.net. There is no other mitigation for this vulnerability.

Once you have patched, change your organization’s passwords to avoid threat actors abusing already-leaked
credentials. Read more under key resources.

Key Resources

Related Resources

Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Issue Landing Page
AHA Preferred Cybersecurity & Risk Provider Program
Issue Landing Page
Support for Your Cybersecurity Program
Guides/Reports
Cybersecurity and Risk Advisory Services
Standards/Guidelines
Become an AHA Preferred Cybersecurity and Risk Provider
Public