Skip to main content

Hackers hit popular enterprise security tools

(Image credit: Image source: Shutterstock/jijomathaidesigners)

Wide-ranging cyberattacks launched against web-based utility tools and enterprise VPN solutions are being called “some of the worst” (opens in new tab) to occur this year.

The tools and solutions in question are Webmin, a web-based utility for managing Linux and *NIX systems, as well as Pulse Secure and Fortinet's FortiGate – enterprise VPN solutions in use by, among others, US government institutions.

As all of the vulnerabilities allow hackers to fully take over an attacked network or system, all are considered equally dangerous.

Cybersecurity firm Bad Packets says there are several hackers, or hacking groups, that are currently exploiting the Webmin vulnerability, one of which appears to also have been behind the IoT botnet called Cloudbot. The patch was released last Sunday, and all administrators are urged to update their Webmin to V1930 as soon as possible.

There are more than a million active Webmin installs on the internet at the moment, with all of the versions available at Sourceforge being vulnerable. To make matters even worse, the version 1890 has the backdoor (opens in new tab)active by default.

When it comes to Pulse Secure and FortiGate, the vulnerability allows hackers to either authenticate on the devices or fake an active VPN session (opens in new tab).

Bad Packets said they identified Pulse Secure VPNs on the networks of US government agencies, including the military, public universities and schools, financial institutions, healthcare organisations and many others.

Allegedly, there are roughly 42,000 Pulse Secure VPN systems available online, 14,000 of which are yet unpatched.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.