DHS / CISA: Cyber Security Alert

For your situational awareness. If you have any questions, please let me know. Thank you.

Chad Johnston
Protective Security Advisor-Arkansas, Region VI
Cybersecurity and Infrastructure Security Agency
501-414-1468 (Cell)
Chad.Johnston@cisa.dhs.gov

CISA has published CISA/FBI joint Alert AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity (TLP:WHITE) to the CISA/US-CERT website at the following URL: https://us-cert.cisa.gov/ncas/alerts/aa20-258a. AA20-258A details malicious cyber activity attributed to Chinese Ministry of State Security-affiliated threat actors and provides recommended mitigation actions.

The Alert provides information on the exploitation of known vulnerabilities, including

F5 Big-IP Vulnerability CVE-2020-5902 (CVSS v3 9.8)
Citrix VPN Appliances CVE-2019-19781 (CVSS v3 9.8)
Pulse Secure VPN Servers CVE-2019-11510 (CVSS v3 10)
Microsoft Exchange Server CVE-2020-0688 (CVSS v3 8.8)

CISA recommends the following resources for additional information

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902 (TLP:WHITE) https://us-cert.cisa.gov/ncas/alerts/aa20-206a
AA20-031A: Detecting Citrix CVE-2019-19781 (TLP:WHITE) https://us-cert.cisa.gov/ncas/alerts/aa20-031a
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching (TLP:WHITE) https://us-cert.cisa.gov/ncas/alerts/aa20-107a
CISA Chinese Malicious Cyber Activity page

V/r,

Dr. Megan Ferguson
U.S. Department of Homeland Security
Northrup Grumman in support of
CISA | IOD | CISA Central (Contractor)

Posted in Member News, News

IRPT Spotlight: AGRIServices of Brunswick