Clothing retailer Monsoon Accessorize has been using VPN servers that have critical vulnerabilities, putting it at risk of hacking or ransomware attack, according to an analysis by VPNpro.
The researchers discovered that Monsoon has been utilizing unpatched Pulse Connect Secure VPN servers, known to contain vulnerabilities that enable cyber-criminals to see active users on the company’s VPN as well as their plaintext passwords.
This information can then be used to access the servers and attack the companies in various ways.
Hugo van der Toorn, manager offensive security at Outpost24, told Infosecurity: “This showcases the importance of truly understanding your network perimeter and your vulnerabilities therein. It is pivotal that organizations try to minimize their exposure to the internet and to understand and secure what is exposed. As proven in this research, scanning the entire internet for specific vulnerabilities can be done with relative ease and happens every time a new critical vulnerability becomes known to the public. Scan everything and see where an attacker can get in; this works both defensively and offensively.
“The safest thing is to not expose anything directly to the internet, unless it is needed for performing daily business. A good example is a VPN; those are meant to allow employees to connect back to the office network and access internal resources. It is important for every device/service that is exposed to the internet to have clear visibility of this system: What software is in use, what components, which versions of those, what ports are open and on what hardware is it running.”