Security News

The U.S. Cybersecurity and Infrastructure Security Agency issued an alert on Friday to warn organizations about the risk posed by a recently patched vulnerability affecting F5 Networks' BIG-IP application delivery controller. The critical security hole, identified as CVE-2020-5902, allows an attacker with access to the product's Traffic Management User Interface configuration utility to obtain credentials and other sensitive data, intercept traffic, and execute arbitrary code or commands, resulting in the system getting completely compromised.

The U.S. National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology systems to cyberattacks. The NSA and CISA say it's imperative that critical infrastructure asset owners and operators secure industrial control systems and other OT systems due to the high risk of cyberattacks launched by foreign threat actors.

The Cybersecurity and Infrastructure Security Agency announced the addition of two leading cybersecurity experts to support the agency's COVID-19 response efforts. Corman and Arnold were both hired using authorities granted under the CARES Act, which allows agencies to hire staff to temporarily support the COVID-19 response.

The U.S. Cybersecurity and Infrastructure Security Agency is ordering all federal executive branch offices to apply a patch for a wormable Windows Server bug within 24 hours, warning of a "High potential for compromise of agency information systems." "CISA has determined that this vulnerability poses unacceptable significant risk to the Federal Civilian Executive Branch and requires an immediate and emergency action," the agency said in the directive.

In an alert this week, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned enterprises about the use of Tor in cyberattacks. Maintained by non-profit organization Tor Project, the Tor software and the underlying infrastructure are meant to provide users with anonymity and the means to bypass censorship by encrypting requests and routing them via multiple nodes.

The U.S. Cybersecurity and Infrastructure Security Agency is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. Palo Alto Networks on Monday posted an advisory on the vulnerability, which affects the devices' operating systems.

That's just one of the vulnerabilities that the agencies are seeing being exploited this year by what they say are sophisticated foreign cyber actors. All that for 2020, and we still haven't even gotten to the meat of the report: the 10 most exploited vulnerabilities for the years 2016 through 2019.

A memorandum sent by the United States Cybersecurity and Infrastructure Security Agency to Chief Information Officers at federal agencies reminds them to use EINSTEIN 3 Accelerated's Domain Name System sinkholing capability for DNS resolution. In the United States, DNS resolution services provided by CISA are mandatory in most federal agencies in the executive branch.

Patching vulnerable enterprise VPNs from Pulse Secure is not enough to keep out malicious actors who have already exploited a vulnerability, the U.S. Cybersecurity and Infrastructure Security Agency warns. In August last year, Pulse Secure said that a majority of customers had installed the fixes released in April, but CISA now says that patching alone might not be enough to ensure the security of affected systems.

The United States Cybersecurity and Infrastructure Security Agency yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution vulnerability in Pulse Secure VPN servers-even if they have already patched it. The warning comes three months after another CISA alert urging users and administrators to patch Pulse Secure VPN environments to thwart attacks exploiting the vulnerability.