Cybersecurity, Privacy, & AI

Trending Now

What Cross-Border M&A Teaches About the Limits of Legal AI • Unpacking the Great American AI Act • Illinois Department of Human Rights Seeks Public Comment on Draft AI Employment Regulations • CISA Close to Issuing New Cyber AI Directive • Pentagon’s Cyber Defense Command Drafting Plan to Defend Critical Infrastructure

Published on April 22, 2021 • Cyber

CISA Warns on Vulnerabilities Affecting Private Networking Service

Who is Danny | Shutterstock

CISA has issued yet another emergency directive to federal agencies warning them about vulnerabilities affecting virtual private networking service Pulse Secure Connect. Agencies have until April 23 to address the vulnerabilities, which reportedly have already compromised some federal and private sector entities. “Reset all passwords associated with accounts passing through the Pulse Secure environment (including user accounts, service accounts, administrative accounts and any accounts that could be modified by any account described above),” the alert states. “If a Pulse Connect Secure appliance is compromised, all of these accounts should also be assumed to be compromised.” Tuesday’s directive is the third issued this year.

Sources:

NextGov: CISA Issues Deadline for Federal Agencies to Address Pulse Secure Vulnerabilities
Federal Computer Week: CISA Issues Third Emergency Directive since SolarWinds

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.