{"id":100782,"date":"2020-01-13T10:42:24","date_gmt":"2020-01-13T18:42:24","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2020\/01\/u-s-government-issues-powerful-security-alert-upgrade-vpn-or-expect-cyber-attacks"},"modified":"2020-01-13T10:42:24","modified_gmt":"2020-01-13T18:42:24","slug":"u-s-government-issues-powerful-security-alert-upgrade-vpn-or-expect-cyber-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2020\/01\/u-s-government-issues-powerful-security-alert-upgrade-vpn-or-expect-cyber-attacks","title":{"rendered":"U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/u-s-government-issues-powerful-security-alert-upgrade-vpn-or-expect-cyber-attacks.jpg\"><\/a><\/p>\n<p>The United States Department of Homeland Security\u2019s Cybersecurity and Infrastructure Security Agency (CISA) has issued an <a href=\"https:\/\/alert https:\/\/www.us-cert.gov\/ncas\/alerts\/aa20-010a\" target=\"_blank\" class=\"\" title=\"https:\/\/alert https:\/\/www.us-cert.gov\/ncas\/alerts\/aa20-010a\" rel=\"nofollow noopener\">alert<\/a> that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. \u201cAffected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability,\u201d the CISA alert warns, \u201ccan become compromised in an attack.\u201d What has dictated the need for this level of Government agency interest and the urgency of the language used? The simple answer is the <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2020\/01\/11\/air-travel-cyber-attacks-new-york-airport-hit-travelex-exchange-held-to-ransom\/\" target=\"_blank\" class=\"\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2020\/01\/11\/air-travel-cyber-attacks-new-york-airport-hit-travelex-exchange-held-to-ransom\/\">ongoing Travelex foreign currency exchange cyber-attack<\/a>, thought to have been facilitated by no less than <a href=\"https:\/\/threatpost.com\/sodinokibi-ransomware-travelex-fiasco\/151600\/\" target=\"_blank\" class=\"\" title=\"https:\/\/threatpost.com\/sodinokibi-ransomware-travelex-fiasco\/151600\/\" rel=\"nofollow noopener\">seven VPN servers that were late in being patched<\/a> against this critical vulnerability. The vulnerability in question is CVE-2019\u201311510, first disclosed way back in April 2019 when Pulse Secure VPN also released a patch to fix it.<\/p>\n<p><b>Critical VPN security vulnerability timeline<\/b><\/p>\n<p>The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11510\" target=\"_blank\" class=\"\" title=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11510\" rel=\"nofollow noopener\">CVE-2019\u201311510<\/a>, became such a hot security potato. Pulse Secure first released an advisory regarding the vulnerabilities in the VPN on April 24, 2019. \u201cMultiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS),\u201d that <a href=\"https:\/\/kb.pulsesecure.net\/articles\/Pulse_Security_Advisories\/SA44101\/\" target=\"_blank\" class=\"\" title=\"https:\/\/kb.pulsesecure.net\/articles\/Pulse_Security_Advisories\/SA44101\/\" rel=\"nofollow noopener\">advisory warned<\/a>, \u201cthis includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway.\u201d An upgrade patch to fix the problem, which had been rated as critical, was made available at the same time. Warning users that the vulnerabilities posed a \u201csignificant risk to your deployment,\u201d Pulse Secure recommended patching as soon as possible.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The United States Department of Homeland Security\u2019s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. \u201cAffected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability,\u201d the CISA alert warns, \u201ccan [\u2026]<\/p>\n","protected":false},"author":513,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1490,31],"tags":[],"class_list":["post-100782","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-government","category-policy"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/100782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/513"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=100782"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/100782\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=100782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=100782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=100782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}