The seven deadly sins letting hackers hijack America’s govt networks: These unpatched bugs leave systems open


If you’re wondering which bugs in particular miscreants are exploiting to break into, or attempt to break into, US government networks, wonder no more. And then make sure you’ve patched them.

Uncle Sam’s Dept of Homeland Security has this month identified at least six possible routes into the nation’s computer systems, and the method used to gain total control over the machines once inside. Those six vulnerabilities are…

  1. CVE-2019-19781 in Citrix NetScaler
  2. CVE-2020-15505 in MobileIron
  3. CVE-2019-11510 in Pulse Secure
  4. CVE-2020-2021 in Palo Alto Networks
  5. CVE-2020-5902 in F5 BIG-IP
  6. CVE-2018-13379 in Fortinet FortiOS SSL VPN.

Read more…