VPN-Related Guidance

Tips and best practices for home users and technical staff to establish, configure, and/or manage virtual private networks for telework.

ICSA-20-184-02: ABB System 800xA Information Manager

ICS-CERT Advisory detailing identified vulnerability that involves luring a user to a malicious website to potentially cause the Display Services functionality to stop or malfunction. The Advisory provides recommended baseline security practices and firewall configurations to help protect a network and its attached devices from attacks that originate from outside the network.

Relevant Audiences: System/Network Administrators, Critical Infrastructure

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

This advisory—written by the Cybersecurity Security and Infrastructure Security Agency (CISA) with contributions from the Federal Bureau of Investigation (FBI)—highlights risks associated with Tor, along with technical details and recommendations for mitigation.

Relevant Audiences: System/Network Administrators

AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

CISA Alert providing an update to a previous alert, which advised organizations to immediately patch CVE-2019-11510—an arbitrary file reading vulnerability affecting Pulse Secure virtual private network (VPN) appliances. This Alert provides new detection methods for this activity, including a CISA-developed tool that helps network administrators search for relevant indicators of compromise (IOCs).

Relevant Audiences: System/Network Administrators

AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability

CISA Alert highlighting the continued threat to unpatched Pulse Secure VPN servers from malicious actors. The Alert strongly urges users and administrators to upgrade to the corresponding fixes in the face of likely continued attacks.

Relevant Audiences: System/Network Administrators

AA20-031A: Detecting Citrix CVE-2019-19781

CISA Alert providing tools and technologies to assist with detecting the presence of cyber network exploitation (CNE) actors who have successfully compromised numerous organizations that employed vulnerable Citrix devices.

Relevant Audiences: System/Network Administrators

AA20-126A: APT Groups Target Healthcare and Essential Services

This joint alert from CISA and the United Kingdom’s National Cyber Security Centre (NCSC) addresses indications that advanced persistent threat (APT) groups are exploiting the COVID-19 pandemic as part of their cyber operations. This alert highlights ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses. 

Relevant Audiences: System/Network Administrators, Critical Infrastructure

AA20-073A: Enterprise VPN Security

Employers are using alternate workplace options during COVID-19, which has increased employers’ reliance on enterprise virtual private network (VPN) solutions to connect employees to an organization’s information technology (IT) network. This CISA Alert helps organizations adopt a heightened state of cybersecurity.

Relevant Audiences: System/Network Administrators

Was this document helpful?  Yes  |  Somewhat  |  No