PulseSecure has released patches for several flaws in its Connect Secure VPN appliance, one of which has been used in active attacks for some time.
A new China-aligned threat group known as UNC2630 is using a zero day in Pulse Connect Secure VPN to breach government agencies and enterprises.
A critical flaw in SonicOS could lead to remote code execution in vulnerable SonicWall firewall appliances.
Vulnerabilities need to be patched, but security doesn’t stop with updates since the attackers may already be inside the network. Additional steps may be necessary, such as resetting passwords and looking for evidence of other types of infection or compromise.
The Cloudflare Warp security service is now available in beta for Windows and macOS, a year after the app became available for iOS and Android.