U.S. Cybersecurity and Infrastructure Security Agency warns organizations using Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are using compromised Active Directory credentials to gain network access months after targeted organizations patched their software, according to the CISA alert. The agency is encouraging organizations to update and change their Active Directory passwords, and update their VPN servers with single-factor authentication. CISA also found that some attackers were using administrative tools such as LogMeIn and TeamViewer to gain persistence within networks.”]
Source: https://www.cuinfosecurity.com/cisa-warns-patched-pulse-secure-vpns-still-vulnerable-a-14143