APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn

U.S. and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks. State-sponsored advanced persistent threat (APT) groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials. The National Security Agency (NSA) issued a Cybersecurity Advisory Monday about the threats and offered mitigation suggestions, warning that multiple APT actors have weaponized three critical vulnerabilities first published in August–CVE-2019-11539, CVE-2019-11510 and CVE-2018-13379–to gain access to vulnerable VPN devices. The first two affect Pulse Secure VPNs while the third affects Fortinet technology.