alerts

CISA Issues Emergency Directive Requiring Federal Agencies to Check Pulse Connect Secure Products

The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 21-03 today requiring federal civilian departments and agencies running Pulse Connect Secure products to assess and mitigate any anomalous activity or active exploitation detected on their networks. All affected agencies are required to use the Pulse Connect Secure Integrity Tool to check the integrity of their file systems, and if mismatches or new files are found, they must take mitigation actions and contact CISA for potential incident response activities.
Last Published Date: April 20, 2021

Mitigate Microsoft Exchange On-Premises Product Vulnerabilities

CISA partners have observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products. Neither the vulnerabilities nor the identified exploit activity is currently known to affect Microsoft 365 or Azure Cloud deployments. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network.

Cold Storage Cyber Custodial Care

As America prepares for distribution of coronavirus vaccines, the security and integrity of facilities that will receive, house, and distribute COVID-19 vaccines has come into focus. Physical or cyber disruptions to the ability of the nation to maintain supplies of COVID-19 vaccines at sufficiently cold temperatures could interfere with the nation’s ability to protect its citizens from illness and further delay full economic recovery.