Monthly Archives: September, 2019

  1. Vulnerable Private Networks: Corporate VPNs Exploited in the Wild

    The details of multiple critical Pulse Secure SSL VPN vulnerabilities are well known; they were disclosed in detail by two security researchers as part of a talk at Black Hat USA 2019 on August 7, 2019. What has not been widely covered, but should come as no surprise, is that APT actors have been actively exploiting these vulnerabilities in order to gain access to targeted networks. The vulnerability being exploited is CVE-2019-11510, which allows a remote unauthenticated attacker to send specially crafted requests that grant read access to arbitrary files on the Pulse Secure VPN. This includes access to databases that the VPN server uses to track sessions, cleartext credentials, and NTLM hashes. Volexity has observed multiple attackers exploiting this vulnerability starting approximately a week after the talk was given. Volexity has worked on multiple incidents in which networks whose remote access is protected by two-factor authentication (2FA) have been intruded upon. […]

  2. Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs

    Over the last several years, numerous reports have emerged regarding the shocking treatment of Uyghurs, a Muslim minority ethnic group that makes up a large part of the Xinjiang Uyghur Autonomous Region (XUAR) in northwest China. The Uyghur people, especially those who want the XUAR to become its own nation under the name East Turkistan, are considered to be a threat to the Chinese Communist Party (CCP). Recent reporting has shown that the CCP's view of the Uyghur people has resulted in wide-scale harassment, relocation to detention camps, and oppressive high-tech surveillance aimed at tracking physical movements and behavior. With all of these reports on physical real-world issues, it should come as no surprise that cyberspace has become a battleground for the Uyghur people. The level of surveillance occurring in China against Uyghurs extends well beyond their borders and has fully entered the digital realm. […]