Here’s Why you should Patch Your Pulse Connect Secure Appliance

Here’s Why you should Patch Your Pulse Connect Secure Appliance

The company’s Pulse Secure team published a blog Monday calling attention to the update, saying it has worked with CISA, Mandiant/FireEye, Stox Friedberg and others to investigate and respond to malicious activity that it says was identified on a “very limited number” of customer systems.

Ivanti has released a security update to address a new authentication bypass vulnerability in Pulse Connect Secure appliance disclosed last month and is urging customers to move quickly to apply the patch.

“The Pulse team took swift action to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system, and we are pleased to be able to deliver a security patch in such short order to address the vulnerability,” the company said in the blog.

The update comes nearly two weeks after the company and others began sounding the alarm about that vulnerability being used alongside older vulnerabilities being exploited by a sophisticated threat actor.

The company says four vulnerabilities are currently being exploited, but three of them were patched in 2019 and 2020. The fourth – which was patched today – is tracked as CVE-2021-22893 and could allow an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway.

As sophisticated threat actors continue their attacks on U.S. businesses and government agencies, we will continue to work with our customers, the broader security industry, law enforcement and government agencies to mitigate these threats. Companywide we are making significant investments to enhance our overall cyber security posture, including a more broad implementation of secure application development standards.

In that vein, we recommend that customers take advantage of our Pulse Security Integrity Checker Tool, an efficient and easy-to-use tool for our customers to identify malicious activity on their systems, and continue to apply and follow recommended guidance for all available security patches.

According to a FireEye blog, a nation-state hacking group backed by China is believed to be behind the exploits that are targeting U.S. defense companies. he actors are suspected to have obtained administrator-level access to the appliances through previously disclosed Pulse Secure vulnerabilities, and other intrusions were due to the new vulnerability.

The News Highlights

  • Here’s Why you should Patch Your Pulse Connect Secure Appliance
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
This gold-plated Nintendo Wii was made for Queen Elizabeth II, now on sale

This gold-plated Nintendo Wii was made for Queen Elizabeth II, now on sale

So, for $300,000 or the price of a house (to put things into perspective), you can get yourself a 2006 Wii 8 GB, with an included game of Big Family Games and ...
Jae’Sean Tate, removed due to health and safety protocols, joins Rockets’ long list of injured

Jae’Sean Tate, removed due to health and safety protocols, joins Rockets’ long list of injured

With Tate unavailable, they will use their 38th starting lineup in 66 games. The game will be the Rockets’ fifth in the past five they had at least eight ...
Indiana Governor vetoes bill limiting local health claims

Indiana Governor vetoes bill limiting local health claims

Legislative Republicans voted last month to override Holcomb’s veto of another bill giving themselves more authority to intervene during statewide emergencies ...
Health insurance bill moving to full vote in the House

Health insurance bill moving to full vote in the House

An estimated 204,000 people got health insurance coverage through the individual market on Colorado’s exchange in 2019, while 267,000 people got coverage in ...
Governor Wolf announces $ 11 million to support business expansion and job creation in five PA counties

Governor Wolf announces $ 11 million to support business expansion and job creation in five PA counties

Rock Lititz Studio, LLC, through EDC Finance Corporation, was approved for a 15-year, $2 million loan at a 1 percent reset rate to build a 44,400-square-foot ...
Anavex Life Sciences Appoints Former FDA Officer as Senior

Anavex Life Sciences Appoints Former FDA Officer as Senior

News HighlightsNEW YORK, May 05, 2021 (News) — Anavex Life Sciences Corp. (“Anavex” or the “Company”) (Nasdaq: AVXL), a clinical-stage biopharmaceutical ...
Xbox Game Pass Ultimate subscribers can access the Spotify Premium Perk

Xbox Game Pass Ultimate subscribers can access the Spotify Premium Perk

Source See Xbox Game Pass Ultimate terms and details in the Product Description below After any promotional period, subscription continues to be charged at ...
Security flaws in seven-year-old iPhone models with iOS 12.5.3 fixed by Apple

Security flaws in seven-year-old iPhone models with iOS 12.5.3 fixed by Apple

Apple is rolling out the iOS 12.5.3 update to its iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). ...
Boeing strengthens business to convert old 737 passenger planes into cargo jets

Boeing strengthens business to convert old 737 passenger planes into cargo jets

Source www.cnbc.com Air cargo has been a bright spot for airlines during the pandemic as passenger demand dropped sharply, while lower capacity has driven up ...
‘Fornite’ vs. Apple: Half of its Revenue is from PS4, Epic Games Not to Lose if it Does Not Return to iOS

Ricocheting rumors, late AirPods, and the new site

In case you haven’t noticed, we have a new Macworld.com, and we couldn’t be more excited about it. It’s not just a redesign, we’ve completely uploaded our ...
Show next
Compsmag - Latest News from tech, business and health
Logo