On April 20, 2021, the Department of Cybersecurity and Infrastructure Security (CISA) issued a warning regarding the exploitation of security vulnerabilities related to Pulse Connect Secure Warning AA21-110A: Exploitation of secure vulnerabilities in Pulse Connect, as well as Emergency Directive (ED) 21-03, after a FireEye blog Identify security incidents where Pulse Secure VPN appliances have been compromised. The policy describes the specific actions that all US federal agencies should take to reduce the vulnerability and ensure compliance.

ED 21-03 was issued in response to the active exploitation of a number of remote code execution vulnerabilities prior to nation-state authentication, including one discovered this month Blog from Pulse Secure. The CISA ED follows April 15, 2021 Cyber ​​security advice from the National Security Agency warning of publicly known security vulnerabilities that are exploited to obtain authentication …



Source link

Leave a Reply