#VulnerabilityExploitation

More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll

by

January 31, 2024 at 03:39PM Ivanti has patched the original set of zero-day vulnerabilities (CVE-2024-21887 and CVE-2023-46805) in its Connect Secure VPN appliances, but more fixes will be rolled out on a staggered schedule. The company is also addressing two new bugs (CVE-2024-21888 and CVE-2024-21893) with the latter under active exploitation. Organizations are urged to … Read more

Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency 

by

December 6, 2023 at 08:00AM A US government agency was attacked through a flaw in Adobe ColdFusion, identified as CVE-2023-26360, as reported by SecurityWeek. Key Takeaway from Meeting Notes: – An Adobe ColdFusion vulnerability with the identifier CVE-2023-26360 was exploited in cyberattacks targeting a US government agency. – The information regarding the exploitation of this … Read more