October 8, 2024 at 12:12PM Ivanti released security updates to address three new Cloud Services Appliance (CSA) zero-day vulnerabilities being actively exploited. These flaws impact CSA 5.0.1 and earlier, with the company advising affected customers to upgrade to version 5.0.2 and monitor for signs of compromise. Ivanti pledged a focus on Secure by Design and … Read more
September 20, 2024 at 05:05PM Ivanti has announced that a critical vulnerability in the Cloud Services Appliance (CSA) is being exploited, allowing attackers to bypass admin authentication and execute arbitrary commands. This adds to the ongoing security issues faced by Ivanti since 2023. Steps to mitigate the threat include upgrading to CSA 5.0 and ensuring … Read more
September 11, 2024 at 03:45AM Ivanti has released software updates addressing multiple critical vulnerabilities in their Endpoint Manager (EPM), with potential for remote code execution. Flaws affect EPM versions 2024 and 2022 SU5 and earlier, now resolved in versions 2024 SU1 and 2022 SU6. Additionally, high-severity issues in Ivanti Workspace Control and Cloud Service Appliance … Read more
August 13, 2024 at 04:34PM Ivanti has addressed a critical vulnerability in its Virtual Traffic Manager (vTM) related to an authentication algorithm, with a major potential impact. While no attacks have been observed, a proof-of-concept exploit is publicly available. Ivanti has provided patches and recommends limiting vTM access to trusted IP addresses to reduce the … Read more
August 13, 2024 at 11:31AM Ivanti urged customers to patch critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances. The flaw, tracked as CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrator accounts. Ivanti advises restricting access to vTM management interface and upgrading to the latest patched versions to mitigate the risk. Key … Read more
April 5, 2024 at 03:39PM CISO Corner offers security articles for operational readers and leaders, covering issues from cybersecurity awareness to cyber threats in the Middle East. It discusses funding for securing the internet, nearly-hacked 2022 World Cup, Azure AI defense, Ivanti security overhaul, and the importance of a whole-of-society approach to cybersecurity. From the … Read more
April 4, 2024 at 03:30PM Utah IT software firm Ivanti responded to zero-day attacks with a CEO-led media campaign vowing to revamp its cybersecurity organization, acknowledged its security issues, and promised significant investment in secure-by-design principles. After delays in releasing patches for high-severity vulnerabilities, the US government ordered disconnection of Ivanti products. The CEO outlined … Read more
April 4, 2024 at 11:15AM Ivanti plans a security overhaul, committing to a secure-by-design approach after recent exploits. CEO Jeff Abbott outlined changes, including a focus on product security, stack modernization, and better vulnerability management. The company aims to reduce time-to-patch and enhance customer support while investing in AI and transparent information sharing. These efforts … Read more
February 13, 2024 at 02:15AM Threat actors are exploiting a security flaw in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor called DSLog. The flaw (CVE-2024-21893) allows access to restricted resources without authentication. Orange Cyberdefense observed attacks targeting an unnamed customer and recommends factory resetting Ivanti devices to prevent continued exploitation. … Read more
January 31, 2024 at 12:48PM Ivanti is urgently addressing two high-severity vulnerabilities in its Connect Secure and Policy Secure VPN products, discovered during the investigation of zero-day attacks. The company has started rolling out patches for critical bugs and issued an alert to its customers to test and deploy available fixes promptly. Digital forensics firm … Read more