Iranian Hackers Targeting, Exploiting VPN Flaws of US Healthcare, IT Orgs
Hackers with ties to Iran are exploiting flaws found in commonly used Virtual Private Networks (VPNs) across a range of federal agencies and businesses, including those in the healthcare and IT sectors, according to a joint alert from the Department of Homeland Security Cybersecurity and Infrastructure Agency and the FBI.
It appears the threat actors are connected to a hacking group known as Pioneer Kitten and UNC757, based on an analysis of indicators of compromise (IOCs) and tactics, techniques, and procedures. The group is actively exploiting several known vulnerabilities in Pulse Secure VPNs, Citrix NetScaler, and F5 network solutions.
CISA and the FBI have repeatedly warned...