Chinese Hackers Targeting U.S. Defense Industry With Pulse Secure 0-Day Flaw
Phil Richard, CSO at Pulse Secure, posted a security update today reporting that the company had been made aware of a new vulnerability in Pulse Connect Secure appliances. Subsequently, the company is working with security company FireEye
Though it is early in the investigation, the malware family used to target U.S. Defense Industrial Base (D.I.B.) networks is suspected to originate from China. Furthermore, the group behind this malware is believed to be operating on behalf of the Chinese government, with possible ties to APT5. A trusted third party to FireEye uncovered evidence linking the new malicious activity to historic APT5 campaigns, though FireEye is not willing or able to make the same connection.
Whatever the case may be, companies with Pulse Secure appliances should apply the latest patches and begin internal investigations with forensic analysis to be safe. Moreover, all companies should always consider themselves under attack and be on alert.