Tag: ivanti
-
VulnRecap 2/5/24 Azure, Apple, Ivanti, Mastodon at Risk
Discover the past week’s critical vulnerabilities, spanning Azure, Apple, Ivanti, Mastodon, and more, as well as the recommended remediation measures…. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-february-5-2024/
-
Noch eine Sicherheitslücke bei Ivanti entdeckt
Nachdem Angreifer drei der vier kürzlich entdeckten Schwachstellen in Systemen von Ivanti bereits massenhaft ausgenutzt hatten, hat der Anbieter inzw… First seen on crn.de Jump to article: www.crn.de/news/4172772/noch-eine-sicherheitslucke-bei-ivanti-entdeckt
-
Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs
Brand-new vulnerabilities from both vendors this week ” one exploited in the wild ” add to a steady stream of critical security issues in the security… First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/fortinet-ivanti-keep-customers-busy-with-yet-more-critical-bugs
-
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-ivanti-ssrf-flaw-to-deploy-new-dslog-backdoor/
-
Patch new Connect Secure auth bypass bug immediately
Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure t… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-patch-new-connect-secure-auth-bypass-bug-immediately/
-
Active Scan Alert: Over 28,000 Ivanti Instances Exposed to Internet
Ivanti has disclosed two new zero-day vulnerabilities assigned with CVE-2024-21888 and CVE-2024-21893 in the products Ivanti Connect Secure and Ivanti… First seen on gbhackers.com Jump to article: gbhackers.com/ivanti-flaw-under-attack/
-
CVE-2023-35081: Critical Flaw in Ivanti EPMM
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical flaw in Ivanti Endpoint Manager Mobile (EPMM) and MobileIron C… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2023-35081-ivanti-epmm/
-
CVE-2024-21893: Ivanti Flaw Under Active, Mass Exploitation
A critical server-side request forgery vulnerability (CVE-2024-21893), affecting Ivanti Connect Secure and Policy Secure products has been exploited a… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-21893-ivanti-flaw-exploit/
-
Check Point erweitert Partnerschaft mit Ivanti
Die National Vulnerability Database meldete über 25.000 Schwachstellen im Jahr 2022, und es wird erwartet, dass diese Zahl noch steigen wird. Das Patc… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-erweitert-partnerschaft-mit-ivanti/a34329/
-
Palo Alto Networks warnt vor mehreren Sicherheitslücken in Ivanti Endpoint Manager Mobile
Unit 42 empfiehlt den Nutzern der betroffenen Software ein Upgrade auf die neuesten Versionen, die Korrekturen für diese Sicherheitslücken enthalten. … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/palo-alto-networks-warnt-vor-mehreren-sicherheitsluecken-in-ivanti-endpoint-manager-mobile/a34951/
-
Sicherheitsupdates: Authentifizierung von Ivanti Connect Secure & Co. defekt
First seen on heise.de Jump to article: heise.de/news/Sicherheitsupdates-Authentifizierung-von-Ivanti-Connect-Secure-Co-defekt-9623653.html
-
CISA Orders Ivanti VPN Appliances Disconnected: What to Do
US federal agencies have to disconnect, rebuild, and reconfigure all Ivanti Connect Secure and Policy Secure VPN appliances. This Tech Tip lists all t… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cisa-orders-disconnecting-ivanti-vpn-appliances-what-to-do
-
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/more-ivanti-vpn-zero-day-bugs-attack-frenzy-patches-rolling
-
Ivanti Zero-Day Patches Delayed as ‘KrustyLoader’ Attacks Mount
First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ivanti-zero-day-patches-delayed-krustyloader-attacks-mount
-
Ivanti Releases Zero-Day Patches and Reveals Two New Bugs
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ivanti-zeroday-patches-two-new-bugs/
-
Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit
After analyzing the 12 Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a sophisticated post-exploitati… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rust-payloads-ivanti-zero-days/
-
Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/ivanti-researchers-report-of-two-critical-zero-day-vulnerabilities
-
Two Ivanti Zero-Days Actively Exploited in the Wild
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/two-ivanti-zerodays-actively/