I strongly suspect there are a whole bunch of large orgs running incidents for #ConnectAround now.
Why? Pulse Secure boxes which didn't have the mitigation supplied have stopped responding totally for over a day.. when Shodan history shows they've been running on same IP for years.
Kevin Beaumont /
npub176…fkwlw
2024-01-18 15:54:17
in reply to nevent1q…vlrw
Author Public Key
npub176rs4lx7gjqwepgg75psfpv7zjj3xz0lyj4n7rux93ftm390sars6fkwlwPublished at
2024-01-18 15:54:17Event JSON
{
"id": "dfad2edfc8900c7532b96436f26306eb495c05c48476263ece126217d4d71d2e",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1705593257,
"kind": 1,
"tags": [
[
"e",
"a98847578e9ff8dad79e6ec5732be7f667220ff6ff7506bd89a9abaca1b65edb",
"wss://relay.mostr.pub",
"reply"
],
[
"t",
"connectaround"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/111777759724208491",
"activitypub"
]
],
"content": "I strongly suspect there are a whole bunch of large orgs running incidents for #ConnectAround now.\n\nWhy? Pulse Secure boxes which didn't have the mitigation supplied have stopped responding totally for over a day.. when Shodan history shows they've been running on same IP for years.",
"sig": "217a52d46e98a3d87fa90a1d597e19077abca489c2b1ef0887d790e66f23fc4afc3b3bdfb3bd7d0130a801ee697058c76f60365404ca82fe0990bf0b490f9701"
}