Cybersecurity, Privacy, & AI

Trending Now

FedRAMP Just Dropped CR26 in Public Preview & the Whole Game Is Changing • Shadow AI Continues to Expose Company IP • DoD Wants More Than $2B in Fiscal 2027 to Move Beyond ‘Fragmented’ CJADC2 Deployments • Tech Force Director Says Roughly 200 Have Been Hired Through the Program • OpenAI Heralds Cybersecurity, Election Interference Safeguard Plans for 2026 Midterms

Published on May 5, 2021 • Cyber

Five Federal Agencies Show Signs of Pulse Connect VPN Breach

LeoWolfert | Shutterstock

CISA is investigating at least five federal agencies that may have been breached by hackers exploiting vulnerabilities in Pulse Connect Secure VPN applications. The flaw was discovered and publicized by security firm FireEye in April. CISA issued a directive to federal agencies to use Pulse Secure’s tools to check for signs of suspicious activity; at least five came up positive. The attack has not been positively attributed, but FireEye has identified two threat groups, one of which may have ties to China. A total of 24 federal agencies use these virtual private network appliances.

Sources:

Breaking Defense: CISA Investigates Possible Hacks of Federal Agencies
Healthcare Info Security: CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.