Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,646 posts)
Mon Jan 22, 2024, 09:58 AM Jan 2024

Top U.S. cybersecurity watchdog issues emergency directive to federal agencies about popular software

Source: NBC News

Top U.S. cybersecurity watchdog issues emergency directive to federal agencies about popular software

The directive ordered agencies to patch the software that allows for remote work.

Jan. 19, 2024, 6:30 PM EST
By Kevin Collier

The top U.S. cyber watchdog agency issued an emergency directive Friday, mandating that all federal agencies protect themselves against a dangerous vulnerability in a popular software program. The watchdog said it is conducting investigations into whether China had used the program to spy on the agencies.

The program used by the agencies is called Ivanti Connect Secure, which allows employees to remotely connect to work. A devastating vulnerability in the program, first discovered in December by the cybersecurity company Volexity, can grant hackers significant access to the businesses or government agencies that use it and allows for the creation of additional back doors to return later.

As news of the vulnerability has become widespread, at least 1,700 known organizations around the world have been hacked with it, Volexity has found.

In a press call with reporters late Friday afternoon, Eric Goldstein, the executive assistant director at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said that hackers have learned about the vulnerability and increasingly have tried to hack companies and government agencies that use Connect Secure.

-snip-

Read more: https://www.nbcnews.com/tech/security/cisa-issues-emergency-directive-federal-agencies-connect-secure-softwa-rcna134844

Latest Discussions»Issue Forums»National Security & Defense»Top U.S. cybersecurity wa...