A widespread vulnerability in government security tools opened an attack window for a tracked ransomware gang. Federal agencies have received an immediate directive to fix affected products by Wednesday.
A ransomware group is actively exploiting an unpatched vulnerability in security tool suites used across the U.S. federal government, prompting CISA to order all civilian agencies to patch the issue by the end of the day on Wednesday.
The cybersecurity company Check Point Software said the flaw affects several of its remote-access tools, firewalls, and VPNs that serve as digital guardians of networks against unauthorized access.
In a separate blog post, the company confirmed that the vulnerability is being exploited by the well-known ransomware group named Qilin to breach dozens of targets worldwide that rely on these tools.
Threat and government response
The cyberattacks began on May 7, but activity increased last week, according to Check Point.
Given the risk to U.S. federal government networks, CISA on Monday ordered all civilian federal agencies – such as the Department of Homeland Security, the U.S. Department of State, and the U.S. Treasury – to patch the vulnerable products by the end of the day on June 11.
The agency cites BOD 22-01, a binding operational directive that allows agencies to take security measures in response to an active cyber threat to government networks.
The latest steps underscore the need for rapid remediation of critical vulnerabilities in the public sector and for strengthening coordination among federal entities in response to cybersecurity threats.
Such actions demonstrate the government’s priority in securing government networks and its readiness to respond quickly to new cyber threats.
Click Here For The Original Source.
