Updated: Information about CISA’s update today was added to the active alert originally issued on April 20.
Washington: CISA confirmed today that it is investigating at least five federal agencies to determine whether they pass Recently disclosed vulnerabilities in Pulse Connect Secure devices.
Matt Hartman, deputy executive assistant director of CISA, said in a statement: Break the defense“CISA knows that at least five federal civil agencies have run the Pulse Connect security integrity tool and have identified signs of potential unauthorized access. We are working with each agency to verify whether an intrusion has occurred, and Incident response support will be provided accordingly.”
Hartman did not disclose the agency that is investigating.
Since March 31, CISA has been assisting “multiple entities” whose vulnerable Pulse Connect Secure products have been exploited.Previous sources from CISA tell Break the defense The US government has not yet made a decision on attribution.
On April 20th, Information system announced Emergency order with Active alert Regarding the four vulnerabilities in Pulse Connect Secure-three previously known vulnerabilities since last year, and one newly discovered this month. CISA today Update Activity alerts to contain new information about Transport Layer Security (TLS) fingerprints, which can be used to identify malicious activities.
The emergency directive requires all federal civil agencies to identify and operate the Pulse Connect Secure device in use Free online tools Assess whether the product has been damaged. The result was due to CISA last Friday. Based on these findings, CISA found further evidence of potential violations.
Previous CISA source tell Break the defense Twenty-four federal agencies use a popular product that enables staff to remotely access the federal network through a virtual private network (VPN). The VPN encrypts the data when it transmits data through the public network.
Without knowing which institutions are affected, more detailed information about the tactics, techniques, and procedures used by the attackers or these possible hackers, it is difficult to judge the potential severity. It is obvious that federal agencies are generally still the targets of continued network operations by foreign governments.
These latest news of potential violations are close behind. Solar wind with Microsoft Exchange server Cyber espionage.American government Formally attributed to The former-affecting at least 9 federal agencies-flew to Russia on April 15th, while the latter was Well known Become a job Mainly Chinese threats, Although the US government has not officially attributed this movement to this.