Home - Article

Featured Article

October 04, 2019

DHS Warning: Hackers Exploiting Palo Alto Networks, Fortinet and Pulse Secure VPNs


The Department of Homeland Security CISA leads the effort to enhance the security, resiliency, and reliability of the Nation's cybersecurity and communications infrastructure. Today they released and urgent report.

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Alert for more information and to review the following security advisories and apply the necessary updates:

According to Fortinet: A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

According to PulseSecure: Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS).  This includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway. This advisory also includes a remote code execution vulnerability that can allow an authenticated administrator to perform remote code execution on Pulse Connect Secure and Pulse Policy Secure gateways. Many of these vulnerabilities have a critical CVSS score and pose significant risk to your deployment. 

Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products. The issue is already addressed in prior maintenance releases. Successful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code.

Keeping systems patched is crucial and an important part of cybersecurity.

How your organization can stay safe:

1) Determine if you are in possession of private information for New York residents, even if you are not conducting business in New York. This may be the opportunity to assess whether you need to retain this information for ongoing business purposes.

2) Ensure that you have administrative, technical, and physical safeguards in place that comply with the requirements of the SHIELD Act.

3) Develop, or revisit, internal policies for how the company will identify and respond to a data breach. Ensure that your employees understand the policies and that they are properly implemented.

4) This is a good time to re-evaluate corporate cybersecurity – new attacks are launched constantly against organizations. We reported recently that a new IRS scam warning has been disseminated by the IRS – warning people to be careful not to click on emails from the organization as they are likely malicious messages disguised to look like they emanated from the agency.

5) Read cybersecurity essentials – a simple list which will help most organizations become far more secure.

6) Go to a phishing simulation vendor now and sign up for one of their offerings. Phishing BoxKnowBe4 and Phish360; are all great.

7) We also recommend you get a free evaluation of your cybersecurity risk from an MSP/MSSP immediately – they can also help you build in the needed compliance to reduce the risk of being fined.





Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.
IT SERVICES

IT SERVICES

Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...

LEARN MORE
CYBERSECURITY Services

CYBERSECURITY

Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...

LEARN MORE
CLOUD SERVICES

CLOUD SERVICES

Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...

LEARN MORE

Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs


Contact us Now!