News Insights: CISA Alert (AA20-107A) Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Off Cyber Policy in the News,

CISA issued a warning to users urging them to patch Pulse Secure VPN after the government agency observed malicious attackers targeting the systems of U.S. hospitals and government entities with ransomware using stolen Active Directory credentials.

News Insights

Jason Crabtree, CEO at QOMPLX said, “CISA’s alert describes the modern attack playbook in action: step one, exploit an unpatched application to gain a foothold in a target organization—in this case, a VPN application—then, attack authentication infrastructure to elevate access and persist inside the environment. It reminds us that good cyber hygiene is necessary, but not sufficient. Hardening critical authentication infrastructure like Active Directory is crucial for keeping a bad breach from getting worse.”

About The Author

Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.

Privacy Policy