CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached

April 30, 2021 – Article posted on BankInfoSecurity

The Cybersecurity and Infrastructure Security Agency is investigating whether five government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior agency official.

Earlier this month, researchers published a report about attack groups attempting to exploit four Pulse Connect Secure vulnerabilities, including a zero-day flaw discovered in April that’s now tracked as CVE-2021-22893. Ivanti, the parent company of Pulse Secure, has issued patches for the vulnerabilities and urged customers to apply them.

…

Drew Schmitt, senior threat intelligence analyst at GuidePoint Security, says the SolarWinds, Exchange and Pulse Secure attacks illustrate how attackers are using vulnerabilities in the software supply chain to target victims as well as gain long-term access to sensitive networks.

“Threat actors are exploiting these vulnerabilities that result in prolonged access to environments and the ability to conduct post-exploitation operations with a focus on stealing information and gaining insight into the organizations’ operations,” Schmitt says. “The level of risk associated with these high-profile attacks is critical, particularly for public sector organizations. It is imperative that organizations continue to evaluate their infrastructure for vulnerabilities and reduce their exploitable attack surface to prevent infiltration into their organizations.”

Read More HERE.