The US Cybersecurity and Infrastructure Security Agency (CISA) has alerted the public about dangerous vulnerabilities in Ivanti software products. It even ordered US government agencies to disconnect its VPN instances in an emergency. It turns out that CISA itself was compromised, and two systems were forced to shut down.
CISA discovered that it was hacked last month and was forced to take two key computer systems offline, according to CNN. One system was responsible for sharing cyber and physical security assessment tools between federal, state, and local officials. The other holds security assessment information on chemical facilities.
The hack did not affect CISA’s operations, and two older systems were set to be replaced.
Read the rest of the story at cybernews, here.