The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert stating that a cyber threat actor has compromised a number of government agencies, critical infrastructure and organizations in the private sector since “June 2020 or earlier” using vulnerabilities in Ivanti’s Pulse Connect Secure virtual private network products.

CISA said Tuesday it has assisted several entities affected by the cyber breach since end of March and found that the threat actor uses multiple vulnerabilities to install webshells on the affected products to gain further access.

“The known webshells allow for a variety of functions, including authentication bypass, multi-factor authentication bypass, password logging, and persistence through patching,” the CISA alert reads.

The agency said Ivanti is working on a patch and has come up with a tool to help users ensure the integrity of their Pulse Connect Secure software.

CISA has called on organizations using the compromised VPN products to run the new integrity tool, check for malicious activity and update their VPN to the latest software version.

To register for this virtual forum, visit the GovConWire Events page.

Army Research Laboratory (ARL) worked with the University of Southern California (USC) to study how soldiers would communicate with autonomous robots. 

The Army said Monday it worked with the Institute for Creative Technologies, USC-hosted research center funded by the Department of Defense (DOD), to prototype the Joint Understanding and Dialogue Interface (JUDI) system.

“We employed a statistical classification technique for enabling conversational AI using state-of-the-art natural language understanding and dialogue management technologies,” said Felix Gervits, an Army researcher.

He said the system features a statistical language classifier that allows autonomous systems to understand the intent of what a soldier communicates. Gervits said JUDI has the potential to reduce the amount of time needed for deployment in new environments.

The General Services Administration (GSA) is working on a network-as-a-service that would help agencies continuously modernize network infrastructure via a cloud-centric business model, FedScoop reported Monday.

Allen Hill, GSA's deputy assistant commissioner of category management, said the Enterprise Infrastructure Solutions (EIS) contract team will help agencies adopt emerging technologies and shift away from legacy systems.

The $50 billion EIS vehicle so far has 164 released task orders out of a total expected number of 212. 

“The agencies can certainly reach out to us, and we’ll work with them and help them to facilitate any type of challenges they may be having with the vendors," Hill said at an event hosted by the American Council for Technology and Industry Advisory Council (ACT-IAC).

Rep. Gerald Connolly, D-Va., and Rep. Jody Hice, R-Ga., have introduced a bill that aims to involve key stakeholders and resources in federal performance planning. The two introduced the Performance Enhancement Reform Act during a biannual hearing last Friday, Connolly's office said the same day.

Connolly, who chairs the House's Subcommittee on Government Operations, administered this hearing to review the implementation of three existing technology laws.

The subcommittee assessed the Federal Information Security Modernization Act (FISMA), the Federal Information Technology Acquisition Reform Act (FITARA) and the Modernizing Government Technology Act during the hearing.

Jay Mahanand, chief information officer of the U.S. Agency for International Development (USAID), said FITARA has helped government CIOs establish, quantify and further develop critical IT programs.

Oracle today announced that ServiceNow, the leading digital workflow company that makes work, work better for people, now supports Oracle Cloud Infrastructure (OCI).  Enterprise customers are now able to access and manage OCI resources via their existing ServiceNow Service portal and the ServiceNow IT Operations Management (ITOM) Visibility application, which gives them a single dashboard to manage their public cloud resources from Oracle and other major cloud providers.

"Enterprise customers are increasingly moving toward a multi-cloud environment and need an easy way to manage all of their cloud resources," said Scott Twaddle, vice president of product, industries, and partnerships, Oracle Cloud Infrastructure. "This is a big step forward for all of our customers that are using Oracle, as well as other major cloud providers to run their business-critical applications.  Now customers can leverage their existing ServiceNow Service portal to view and manage all of their cloud resources, including Oracle." 

Customers including Network Rail are already benefiting from the Oracle and ServiceNow integration. Network Rail runs 20 of the United Kingdom's largest railway stations, and operates and develops Britain's railway infrastructure, which consists of 20,000 miles of track, 30,000 bridges, tunnels and viaducts and the thousands of signals and level crossings.