CISA Orders Ivanti VPN Appliances Disconnected: What to Do
DarkReading
|
Contributed by: Drex DeFord
Summary
CISA orders Federal Civilian Executive Branch agencies to remove all Ivanti appliances within 48 hours due to multiple security flaw exploitations. Chinese state-backed cyberattackers exploited at least two vulnerabilities causing CISA to instruct agencies to disconnect Ivanti products. CISA directive applies to 102 agencies, includes Homeland Security, State, Energy, and SEC. All entities using Ivanti appliances urged to prioritize network protection. Appliances can't reconnect until rebuilt and upgraded. Agencies must report steps by Feb. 5, 2024. CISA mandates double password reset, Kerberos tickets revocation, device token revocation, and reports by March 1, 2024.
