Latest #ConnectAround issue - there’s no patch, and the mitigation silently fails to work if an admin makes a config change elsewhere.
If you run Pulse Secure I’d suggest being very cautious.
https://www.bleepingcomputer.com/news/security/ivanti-vpn-appliances-vulnerable-if-pushing-configs-after-mitigation/
#threatintel
Kevin Beaumont /
npub176…fkwlw
2024-01-22 19:47:32
in reply to nevent1q…dpg2
Author Public Key
npub176rs4lx7gjqwepgg75psfpv7zjj3xz0lyj4n7rux93ftm390sars6fkwlwPublished at
2024-01-22 19:47:32Event JSON
{
"id": "5b56bc584323a38c23deedffd264a1cda9aafd6e704e6f72585789870e1c0a33",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1705952852,
"kind": 1,
"tags": [
[
"e",
"f16528e0b7330a64517116aa711a97ef1121d6846b7684a793ab86fe64f1737e",
"wss://relay.mostr.pub",
"reply"
],
[
"t",
"connectaround"
],
[
"t",
"threatintel"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/111801326136256236",
"activitypub"
]
],
"content": "Latest #ConnectAround issue - there’s no patch, and the mitigation silently fails to work if an admin makes a config change elsewhere. \n\nIf you run Pulse Secure I’d suggest being very cautious. \n\nhttps://www.bleepingcomputer.com/news/security/ivanti-vpn-appliances-vulnerable-if-pushing-configs-after-mitigation/\n\n#threatintel",
"sig": "e5e641eee18454c54d115c9d98b667e917f1049a0bbdea0e5a7f8ad1c7f0e00c2264e5fd5e314168867f39172720dbdcce9e563251767c8c5bba0de1e52b8f90"
}