2019 will be remembered as the year when major security bugs were disclosed in a large number of enterprise VPN servers, such as those sold by Pulse Secure, Palo Alto Networks, Fortinet, and Citrix.
A new report published today reveals that Iran’s government-backed hacking units have made a top priority last year to exploit VPN bugs as soon as they became public in order to infiltrate and plant backdoors in companies all over the world.
According to a report from cyber-security firm ClearSky, Iranian hackers have targeted companies “from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors.”
SOME ATTACKS HAPPENED HOURS AFTER PUBLIC DISCLOSURE
The report comes to dispel the notion that Iranian hackers are not sophisticated, and less talented than their Russian, Chinese, or North Korean counterparts.
ClearSky says that “Iranian APT groups have developed good technical offensive capabilities and are able to exploit 1-day vulnerabilities in relatively short periods of time.”
By Catalin Cimpanu | February 16, 2020
