HC3 Threat Briefing TLP White - Pulse Secure VPN Servers Leak: Incident Case Study

August 27, 2020

If your organization uses Pulse Secure VPN, ensure that you have patched this vulnerability by updating to

• Version 8.2R12.1 or later
• Version 8.3R7.1 or later
• Version 9.0R3.4 or later

Patches for this vulnerability were published in April 2019 and are available through the Pulse Secure Download Center at https://my.pulsesecure.net. There is no other mitigation for this vulnerability.

Once you have patched, change your organization’s passwords to avoid threat actors abusing already-leaked
credentials. Read more under key resources.

Key Resources

Related Resources

Special Bulletin
Senate Deal Reached to End Government Shutdown
Member
Guides and Reports
Strategies for Cyber Preparedness in Health Care
Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Issue Landing Page
Support for Your Cybersecurity Program
Guides and Reports
Cybersecurity and Risk Advisory Services