"US Agencies Given 48 Hours to Disconnect Flawed Ivanti VPN Tech"

February 1, 2024 at 05:48 PM

•

1 min read

"US Agencies Given 48 Hours to Disconnect Flawed Ivanti VPN Tech" — Photo: TechCrunch

TL;DR Summary

The U.S. cybersecurity agency CISA has ordered federal agencies to disconnect all Ivanti VPN appliances within 48 hours due to the serious threat posed by multiple zero-day vulnerabilities being actively exploited by malicious hackers. This directive comes after Ivanti uncovered a third zero-day flaw and security researchers identified Chinese state-backed hackers exploiting at least two of the vulnerabilities. CISA has instructed agencies to disconnect the affected products, continue threat hunting, and monitor authentication services, while providing instructions for restoring Ivanti appliances to online operation. Ivanti has made patches available for some affected software versions and urged customers to factory reset appliances before patching to prevent hackers from gaining persistence on their network.

Topics:business #cisa #cybersecurity #federal-agencies #ivanti-vpn #technology #zero-day-vulnerabilities

Share this article

US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech TechCrunch
CISA directs agencies to shut down vulnerable software products Federal News Network
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll DARKReading
CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products SecurityWeek
Agencies using vulnerable Ivanti products have until Saturday to disconnect them Ars Technica

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

77%

488 → 112 words

Want the full story? Read the original article

Read on TechCrunch

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights