The Online Safety The Infrastructure Security Agency (CISA) has issued an Emergency Policy and Alert AA21-110A dealing with the exploitation of Pulse Connect Secure VPN software. Pulse Connect Secure VPN is a widely used SSL remote access solution in the US defense sector. CISA policy calls on federal civil executive agencies to take immediate action: Identify instances of the software running in their respective organizations and deploy the Pulse Connect Secure Integrity Tool and run it on a daily basis until a patch is available (early May 2021). .
According to CISA, compromises have been made “within US government agencies, critical infrastructure companies and other private sector organizations”. CNN reports that companies affected are defense companies and financial institutions, and cybersecurity firm FireEye found that the vector of infection has affected members of the US Defense Industrial Base.
Ivanti, the parent …