National Security Agency Cybersecurity Advisory: Mitigating Recent VPN Vulnerabilities (October 7,2019)

Multiple Nation State Advanced Persistent Threat (APT) actors have weaponized CVE-2019-11510, CVE-2019-11539, and CVE-2018-13379 to gain access to vulnerable VPN devices.

In August, 2019, the Canadian Centre for Cyber Security released guidance for mitigating vulnerabilities in 3 major VPN products (Pulse Secure®, Palo Alto GlobalProtect™, and Fortinet Fortigate®). That guidance lists indicators of compromise for detecting malicious activity [1]. This Cybersecurity Advisory is intended to convey additional actions for compromise recovery and longer-term actions for hardening.

Related Resources

Advisory
Public
The FBI, jointly with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury, today issued a public cybersecurity…
Letter/Comment
Public
The American Hospital Association (AHA) writes in support of the Protecting and Transforming Cyber Health Care (PATCH) Act (S.3983). AHA and its members are…
AHA Center for Health Innovation Market Scan
Health care is under attack as never before from cybercriminals, and the stakes are rising for hospitals and patient safety. The latest potential threat: The…
Advancing Health Podcast
Public
Over the past few years every leader of health care organization in the country has had to acknowledge the threat of a cyberattack that has the potential to…
Advancing Health Podcast
Public
In this special Cybersecurity podcast we have the opportunity to talk to leaders of an AHA member hospital who was a victim of a major ransomware attack in the…
Letter/Comment
Public
AHA letter to Senators Jack Rosen and Bill Cassidy, M.D. voicing support of the Healthcare Cybersecurity Act (S.3904).