Who is Danny | Shutterstock

CISA has issued yet another emergency directive to federal agencies warning them about vulnerabilities affecting virtual private networking service Pulse Secure Connect. Agencies have until April 23 to address the vulnerabilities, which reportedly have already compromised some federal and private sector entities. “Reset all passwords associated with accounts passing through the Pulse Secure environment (including user accounts, service accounts, administrative accounts and any accounts that could be modified by any account described above),” the alert states. “If a Pulse Connect Secure appliance is compromised, all of these accounts should also be assumed to be compromised.” Tuesday’s directive is the third issued this year.

Sources:Â