May 22, 2024 at 07:42AM IT software company Ivanti released patches for several products, including critical vulnerabilities in Endpoint Manager (EPM). The fixes addressed SQL injection bugs and unrestricted file upload issues. Ivanti urged customers to update to the latest versions to apply the fixes. The company also reaffirmed its commitment to enhancing security practices. … Read more
April 4, 2024 at 12:57AM Ivanti has released security updates to fix four flaws affecting Connect Secure and Policy Secure Gateways. These flaws could lead to code execution and denial-of-service attacks. The vulnerabilities include heap overflow, null pointer dereference, and XML entity expansion issues. Ivanti has been addressing security flaws and is working on improving … Read more
March 12, 2024 at 04:11PM Threat actors targeted Ivanti edge devices earlier this year. One-day exploit CVE-2024-21887 in Ivanti Connect Secure and Policy Secure gateways, rated 9.1/10, was quickly capitalized on by “Magnet Goblin.” Known for exploiting one-days in public-facing services, this group deploys malware capable of flying under the radar, emphasizing the need for … Read more
February 12, 2024 at 11:32AM Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti products to deploy the DSLog backdoor, allowing remote command execution. The vulnerability, known as CVE-2024-21893, affects SAML components and enables bypassing authentication. Successful attacks have been reported, prompting the release of security updates to mitigate the risk. Key takeaways … Read more
February 9, 2024 at 04:36PM Ivanti disclosed a new vulnerability in its gateways, confusing researchers who claim discovery. Ivanti, attributing the find to in-house review, faces dispute from watchTowr, who published evidence of prior notification. The high-severity flaw, affecting limited versions, requires patching and mitigation. Recent security issues prompt CISA and NCSC advisories. (Word count: … Read more
February 8, 2024 at 02:53PM Ivanti warns of authentication bypass vulnerability (CVE-2024-22024) in Connect Secure, Policy Secure, and ZTA gateways, allowing remote access to unpatched appliances. No evidence of customer exploitation, but immediate action is recommended. Over 20,000 ICS VPN gateways tracked online. Ivanti devices targeted in zero-day attacks. Security patches released. CISA orders disconnection … Read more
January 16, 2024 at 10:04AM Ivanti Connect Secure (ICS) VPN users are at risk if they have not applied recent vulnerability mitigation. Over 1,700 devices have been compromised due to successful exploits. The attacks have targeted a wide range of organizations globally. Users are advised to run Ivanti’s Integrity Checker Tool to detect compromises and … Read more