Organizations need to patch Pulse Secure VPNs

Organizations using Pulse Secure’s mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a “Chinese espionage actor”.

The patch, available here, is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply it.

CISA’s guidance states that federal users of Pulse Connect Secure VPNs must use the company’s free utility to ascertain whether their devices are vulnerable.

If the vulnerability is found, affected government Pulse Secure software and appliances have to be immediately isolated from the network and a full report has to be made. In addition to the vulnerability detection tool, Pulse Secure has issued a replacement XML configuration file, which prevents the exploits from functioning when placed on affected devices.

“Organizations should examine available forensic evidence to determine if an attacker compromised user credentials,” wrote FireEye cybersecurity subsidiary Mandiant in a blog post. “[Pulse Secure parent company] Ivanti highly recommends resetting all passwords in the environment and reviewing the configuration to ensure no service accounts can be used to authenticate to the vulnerability.”

Pulse Secure recommends using its online Pulse Connect Secure Integrity Assurance tool to determine whether Pulse Connect Secure software has been compromised.

Copyright © 2021 IDG Communications, Inc.
