Page 16 - Threat Intelligence 7-29-2019
P. 16

Threat Alerts




           And Advisories












            Vulnerabilities in Multiple VPN Applications
            The Cybersecurity and Infrastructure Security Agency (CISA) is aware of vulnerabilities
            affecting multiple Virtual Private Network (VPN) applications. A remote attacker could
            exploit these vulnerabilities to take control of an affected system. CISA encourages
            administrators to review the following security advisories and apply the necessary updates:
                   • Palo Alto Security Advisory PAN-SA-2019-00200
                   • FortiGuard Security Advisory FG-IR-18-384
                   • Pulse Secure Security Advisory SA44101




            Building Resilience to Foreign Interference, Misinformation Activities
            As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency
            (CISA) is working with national partners to build resilience to foreign interferences,
            particularly information activities (e.g., disinformation, misinformation). The Department of
            Homeland Security (DHS) views foreign interference as malign actions taken by foreign
            governments or actors designed to sow discord, manipulate public discourse, discredit the
            electoral system, bias the development of policy, or disrupt markets for the purpose of
            undermining the interests of the United States and its allies. Responding to foreign
            interference requires a whole of society approach—CISA has made available the following
            foreign interference resources to #Protect2020:
                   • The War on Pineapple: Understanding Foreign Interference in 5 Steps
                   • Foreign Interference Taxonomy
                   • Social Media Bots Overview


            Apple Releases Multiple Security Updates
            Apple has released security updates to address vulnerabilities in multiple products. A
            remote attacker could exploit some of these vulnerabilities to take control of an affected
            system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
            administrators to review the Apple security pages for the following products and apply the
            necessary updates:
                   • iOS 12.4
                   • tvOS 12.4
                   • Safari 12.1.2
                   • macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update
                     2019-004 Sierra
                   • watchOS 5.3








                                                    www.accumepartners.com                                           16
   11   12   13   14   15   16   17   18   19   20