computer-science
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
Key takeaways
- A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S.
- Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as digital gatekeepers to protect company networks from unauthorized access.
- The hacks began on May 7 but activity began to rise last week, per Check Point.
A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday.
Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as digital gatekeepers to protect company networks from unauthorized access.
The company said in a separate blog post that it had confirmed the bug was being exploited by a known ransomware group called Qilin to hack into a few dozen targeted organizations globally that rely on the affected security tools.
Article preview — originally published by TechCrunch. Full story at the source.
Read full story on TechCrunch →
More top stories
Also covered by
Aggregated and edited by the Scoop newsroom. We surface news from TechCrunch alongside other reporting so you can compare coverage in one place.
Editorial policy · Corrections · About Scoop