REvil ransomware exploiting VPN flaws made public last April
2020-01-08 12:39

This week, researcher Kevin Beaumont revealed that serious vulnerabilities in Pulse Secure's Zero Trust business VPN system are being exploited to break into company networks and install the REvil ransomware.

His evidence comprises anecdotal reports from victims mentioning unpatched Pulse Secure VPN systems being used as a way in by REvil.

As Beaumont points out, the patches for the vulnerabilities in some versions of Pulse Connect Secure and Pulse Policy Secure were first made public in an advisory published by the company on 24 April 2019.

A week before that, as we reported, a more general warning was issued by US-CERT regarding weaknesses in several companies' VPN clients, including Pulse Secure's Connect Secure.

For up to eight months before the latest REvil attacks, it was public knowledge that Pulse Secure's VPN systems had severe weaknesses that needed urgent attention.


News URL

https://nakedsecurity.sophos.com/2020/01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/