"Federal Agencies Ordered to Disconnect Vulnerable Ivanti Products Within 48 Hours"

February 1, 2024 at 11:45 PM

•

1 min read

"Federal Agencies Ordered to Disconnect Vulnerable Ivanti Products Within 48 Hours" — Photo: Ars Technica

TL;DR Summary

Federal civilian agencies have been ordered by the US Cybersecurity and Infrastructure Security Agency to disconnect all network connections to Ivanti VPN software due to three critical vulnerabilities, including two zero-days, that are being actively exploited by threat groups. The directive also includes steps for agencies to detect if their Ivanti VPNs have been compromised and mandates a series of actions to be taken before bringing the products back online. Security firm Volexity reported that at least 2,200 customers of the affected products have been compromised, and they praised the directive as the best way to alleviate concerns about compromised devices.

Topics:business #cisa #cybersecurity #ivanti #vulnerabilities #zero-day

Share this article

Agencies using vulnerable Ivanti products have until Saturday to disconnect them Ars Technica
CISA directs agencies to shut down vulnerable software products Federal News Network
US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech TechCrunch
CISA orders Ivanti devices targeted by Chinese hackers be disconnected CyberScoop
All federal civilian agencies ordered to disconnect at-risk Ivanti products by Friday The Record from Recorded Future News

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

84%

650 → 101 words

Want the full story? Read the original article

Read on Ars Technica

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights