U.S. government cybersecurity experts are providing guidance on the "top 10" most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
The Cybersecurity and Infrastructure Security Agency (CISA) issued a new warning that attackers continue to target unpatched Pulse Secure VPN systems.