3 matches found
Keep Attackers Out of VPNs: NSA, CISA Offer Guidance
Unsecured VPNs can be a hot mess: Just ask Colonial Pipeline which got pwned by the REvil ransomware crooks with an old VPN password or the 87,000 at least Fortinet customers whose credentials for unpatched SSL-VPNs were posted online earlier this month. Vulnerabilities in VPN servers are like...
Microsoft, CISA and NSA offer security tools and advice, but will you take it?
Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA they offer advice on how to choose and harden your VPN. These initiatives from major parties aim to help organizations assess and manage their security needs. But will they...
CISA Emergency Directive 21-03: VPN Vulnerabilities Actively Exploited
On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency CISA released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive ED...