National Security Agency Cybersecurity Advisory: Mitigating Recent VPN Vulnerabilities (October 7,2019)

Multiple Nation State Advanced Persistent Threat (APT) actors have weaponized CVE-2019-11510, CVE-2019-11539, and CVE-2018-13379 to gain access to vulnerable VPN devices.

In August, 2019, the Canadian Centre for Cyber Security released guidance for mitigating vulnerabilities in 3 major VPN products (Pulse Secure®, Palo Alto GlobalProtect™, and Fortinet Fortigate®). That guidance lists indicators of compromise for detecting malicious activity [1]. This Cybersecurity Advisory is intended to convey additional actions for compromise recovery and longer-term actions for hardening.

Related Resources

Guides/Reports
Working from Home during COVID-19 Pandemic During the COVID-19 pandemic, many physicians are working from home, using their personal computers and mobile…
Guides/Reports
Public
Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR 04/03/2020 04:45 PM EDT Original release date: April 3, 2020 Mozilla has released security…
Special Bulletin
Public
A recent campaign of cyberattacks from a foreign threat actor targeted healthcare organizations and specifically exploited Citrix and Zoho technologies used…
Advisory
Public
The Centers for Medicare & Medicaid Services will prioritize and conduct only certain surveys during the COVID-19 national emergency’s three-week…
Action Alert
Public
Leaders from the Senate, House and Administration continue to negotiate a third spending package related to the novel coronavirus (COVID-19). Senate Majority…
Guides/Reports
Public
A malicious website pretending to be the live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University is circulating on the internet waiting for…