CISA’s alert – Exploitation of Pulse Connect Secure Vulnerabilities – confirms that attackers breached US government agencies and other critical organizations by exploiting vulnerabilities in Pulse Secure products. “Since March 31, 2021, CISA assisted multiple entities whose vulnerable Pulse Connect Secure products have been exploited by a cyber threat actor.” The CISO of Shared Assessments, the member-driven leaders in third-party risk management tools and research, offers perspective.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>The concept of a vulnerability on the perimeter highlights the need for adopting technologies that align with the notion of Zero Trust. Moving from perimeter-based networking model to one where decentralized security by micro-segmentation approach will help organizations minimize the impacts of security incidents.</p>
<p>Regardless of whether it is an application performing business processing, a piece of network or server hardware, or a utility to assist in smoothing an operational process, bad code development, and testing practices will always lead to vulnerabilities. Once the threat actors – and in this case, a nation state actor – identified the coding defects with Ivanti Pulse Connect Secure products, they jumped on the vulnerability and hijacked it to do things that it wasn’t originally programmed to do. The way to reduce this risk from affecting an organization is to require these providers evidence that they follow secure coding practices. Such due diligence would include evidence of their code development, the performance of both static and dynamic code analysis, testing to ensure the code is secure and cannot be hijacked, and security around the deployment of the product.</p>