Tag: ivanti
-
MITRE revealed that nation-state actors breached its systems via Ivanti zero-days
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MI… First seen on securityaffairs.com Jump to article: securityaffairs.com/162045/security/mitre-security-breach-ivanti-zero-days.html
-
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
The newest version of Ivanti Avalanche the company’s enterprise mobile device management (MDM) solution carries fixes for 27 vulnerabilities, two of… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/04/18/cve-2024-29204/
-
Mitre Says Hackers Breached Unclassified R&D Network
Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in Cyberattack. A nation-state threat actor gained access into an unclassified research and dev… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mitre-says-hackers-breached-unclassified-rd-network-a-24907
-
Ivanti fixed two critical flaws in its Avalanche MDM
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution. Iva… First seen on securityaffairs.com Jump to article: securityaffairs.com/161952/security/ivanti-avalanche-mdm-critical-flaws.html
-
Breach Roundup: LabHost Phishing-as-a-Service Site Goes Down
Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to Light. This week, police disrupted the LabHost phishing-as-a-service site, … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-labhost-phishing-as-a-service-site-goes-down-a-24896
-
Over two dozen Ivanti Avalanche vulnerabilities addressed
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/over-two-dozen-ivanti-avalanche-vulnerabilities-addressed
-
Ivanti Patches Two Critical Avalanche Flaws in Major Update
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ivanti-patches-two-critical/
-
IT-Sicherheitsbehörde CISA warnt erneut wegen Ivanti-Sicherheitslücken
Die US-Cybersicherheitsbehörde fordert nachdrücklich dazu auf, Patches zu installieren, um eine kritische Sicherheitslücke in Ivanti Standalone Sentry… First seen on crn.de Jump to article: www.crn.de/news/4189167/sicherheitsbehorde-cisa-warnt-erneut-wegen-ivanti-sicherheitslucken
-
Breach Roundup: LabHost Goes Down
Also: Omni Hack Exposed Customer Data and More Ivanti Vulnerabilities. This week, police took down the LabHost phishing-as-a-service site, customer da… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-labhost-goes-down-a-24896
-
Ivanti warns of critical flaws in its Avalanche MDM solution
Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap ove… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/
-
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product
Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. The post eleases p… First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-patches-27-vulnerabilities-in-avalanche-mdm-product/
-
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/researchers-identify-multiple-china.html
-
Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure
Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code exec… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/ivanti-rushes-patches-for-4-new-flaw-in.html
-
CISA confirms compromise of its Ivanti systems
CISA said that approximately one month ago, it identified ‘activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses…. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366573095/CISA-confirms-compromise-of-internal-Ivanti-systems
-
CISO Corner: Ivanti’s Mea Culpa; World Cup Hack; CISOs & Cyber Awareness
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also include… First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/ciso-corner-ivanti-mea-culpa-world-cup-hack-cyber-awareness
-
Sicherheitsupdates für Ivanti: Schadcode kann durch VPN-Verbindungen schlüpfen
First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdates-Ivanti-Schadcode-kann-durch-VPN-Verbindungen-schluepfen-9674642.html
-
Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed
Tags: ivantiFirst seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/ivanti-ceo-commits-to-security-overhaul-day-after-vendor-discloses-4-more-vulns
-
Ivanti CEO pledges to fundamentally transform its hard-hit security model
First seen on arstechnica.com Jump to article: arstechnica.com/
-
Numerous Ivanti VPN gateways impacted by RCE vulnerability
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/numerous-ivanti-vpn-gateways-impacted-by-rce-vulnerability
-
Thousands Of Internet-Exposed Ivanti VPN Appliances Vulnerable To RCE Attacks
Tags: access, attack, cybersecurity, data-breach, Internet, ivanti, rce, remote-code-execution, vpn, vulnerabilityIn a recent cybersecurity revelation, Ivanti, a leading provider of enterprise-grade secure access solutions, has been found to have significant vulne… First seen on gbhackers.com Jump to article: gbhackers.com/ivanti-vpn-rce-vulnerabilities/
-
Nach mehreren ITVorfällen: Ivanti gelobt in offenem Brief Besserung
2024 begann für Ivanti turbulent und verwundbare Produkte gefährden Firmen inklusive Abschaltbefehl der US-Regierung. Nun meldet sich der CEO zu Wort…. First seen on heise.de Jump to article: www.heise.de/news/Nach-mehreren-IT-Security-Vorfaellen-Ivanti-gelobt-in-offenem-Brief-Besserung-9677619.html
-
Jetzt patchen! Rund 16.500 VPN-Instanzen von Ivanti potenziell angreifbar
Scans zeigen, dass weltweit tausende VPN-Instanzen von Ivanti des Typs Connect Secure und Policy Secure Gateway verwundbar sind. Auch in Deutschland. … First seen on heise.de Jump to article: www.heise.de/news/Jetzt-patchen-Rund-16-500-VPN-Instanzen-von-Ivanti-potenziell-angreifbar-9677551.html
-
More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894
Experts warn of roughly 16,500 Ivanti Connect Secure and Poly Secure gateways still vulnerable to a remote code execution (RCE) flaw. Shadowserver res… First seen on securityaffairs.com Jump to article: securityaffairs.com/161544/security/ivanti-16500-vulnerable-istances.html
-
Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-threat-ttps-ivanti/
-
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulner… First seen on securityweek.com Jump to article: www.securityweek.com/thousands-of-ivanti-vpn-appliances-impacted-by-recent-vulnerability/
-
Vulnerability Recap 3/25/24 More Ivanti Issues to Patch
First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-march-25-2024/
-
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) fla… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/
-
Ivanti fixed for 4 new issues in Connect Secure and Policy Secure
Ivanti addressed four flaws impacting Connect Secure and Policy Secure Gateways that could lead to code execution and denial-of-service (DoS) conditio… First seen on securityaffairs.com Jump to article: securityaffairs.com/161465/security/ivanti-code-execution-dos-flaws.html
-
Ivanti vows to transform its security operating model, reveals new vulnerabilities
Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), so… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/04/04/ivanti-connect-secure-vulnerabilities/
-
Ivanti CEO Promises Stronger Security After a Year of Flaws
Ivanti CEO Jeff Abbott, in an open letter and a video, outlined the steps the embattled company is taking to improve its security. The post EO Jeff Ab… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/ivanti-ceo-promises-stronger-security-after-a-year-of-flaws/