Threat Actor May Have Accessed Sensitive Info on CISA Chemical App

June 25, 2024 at 04:05PM
A threat actor may have accessed critical data on US chemical facilities by exploiting vulnerabilities in CISA’s Chemical Security Assessment Tool. The compromised information includes chemical inventories, security assessments, and personnel details. This breach poses potential safety risks, and affected organizations are advised to review and enhance their cybersecurity …

CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities

June 25, 2024 at 09:48AM
US cybersecurity agency CISA is warning high-risk chemical facilities to secure their online accounts after a breach in its Chemical Security Assessment Tool (CSAT) portal. The breach could have given unauthorized access to sensitive data on chemical facilities, such as dangerous chemicals stored and security vulnerabilities. CISA advised affected individuals …

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

April 5, 2024 at 04:33AM
Several China-linked threat actors are exploiting zero-day security flaws impacting Ivanti appliances, with Mandiant tracking multiple clusters, financially motivated actors, and post-exploitation activities involving the deployment of various malware tools. This underscores the threat posed by edge appliances and the actors’ ability to tailor their tradecraft to evade detection. Based …

Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities

March 11, 2024 at 08:09AM
Check Point reports that the financially motivated threat actor, Magnet Goblin, has been exploiting one-day vulnerabilities in public-facing services to deploy Linux backdoors. The actor targeted various vulnerabilities, including in Ivanti VPNs, Magento, and Qlik Sense. Check Point warns of ongoing trends for threat actors to target under-protected areas. Based …

CISO Corner: CIO Convergence, 10 Critical Security Metrics, & Ivanti Fallout

February 16, 2024 at 07:12PM
“CISO Corner” offers curated articles for security operations and leadership. It covers topics such as security metrics, convergence of CISO & CIO roles, FCC’s new breach reporting rules, budget trends in the Middle East & Africa, and concerns about Ivanti VPN vulnerabilities. For detailed information, visit Dark Reading’s website. From …

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries

February 15, 2024 at 10:18AM
Reverse engineering of Ivanti Pulse Secure firmware revealed outdated, vulnerable software components in the Utah-based company’s appliance. Active exploitation of security flaws in related gateways has been observed. Eclypsium found outdated packages and vulnerable libraries, emphasizing the need for visibility into digital supply chains. Concerns about security holes in …

Ivanti Gets Poor Marks for Cyber Incident Response

February 13, 2024 at 11:36AM
Ivanti’s VPN appliances have experienced widespread vulnerabilities, with slow incident response and delayed patch releases. This has led to criticism from cybersecurity experts and a federal mandate to disconnect Ivanti products from government systems. Ivanti’s reputation and customer trust are at stake, with uncertain prospects for recovery and continued caution …

Ivanti warns of new Connect Secure zero-day exploited in attacks

January 31, 2024 at 08:48AM
Ivanti has warned of two vulnerabilities affecting Connect Secure, Policy Secure, and ZTA gateways. The first vulnerability (CVE-2024-21893) is a zero-day bug allowing server-side request forgery, granting unauthorized access. The second flaw (CVE-2024-21888) enables privilege escalation. Ivanti has released security patches and mitigation measures. Threat actors have exploited these vulnerabilities, …