ZDnet reported this week that the credentials for over 900 Enterprise Pulse Secure VPN servers have been published on a hacking forum. The takeaway away here isn’t just the exposed passwords, though. The compromises used a vuln that was first made public last year in CVE-2019-11510. And here’s the kicker: a patch has been available almost as long.
Every company (Yes, yours too.) should have a vulnerability management program that incorporates a well-oiled process to patch the vulns you identify.
principia/RAID can jump start your Vuln management program. Call us to talk about how we can help you get your patching up to speed.