Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.
Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
ZDNet

Hackers are targeting flaws in these VPN devices now. Here's what you need to do

Hackers are actively exploiting a newly discovered flaw in Pulse Connect Secure VPN products, alongside some older flaws that some customers have yet to patch. Cybersecurity firm FireEye reported it ...