February 12, 2024 at 11:32AM Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti products to deploy the DSLog backdoor, allowing remote command execution. The vulnerability, known as CVE-2024-21893, affects SAML components and enables bypassing authentication. Successful attacks have been reported, prompting the release of security updates to mitigate the risk. Key takeaways … Read more
February 9, 2024 at 04:36PM Ivanti disclosed a new vulnerability in its gateways, confusing researchers who claim discovery. Ivanti, attributing the find to in-house review, faces dispute from watchTowr, who published evidence of prior notification. The high-severity flaw, affecting limited versions, requires patching and mitigation. Recent security issues prompt CISA and NCSC advisories. (Word count: … Read more
February 8, 2024 at 02:53PM Ivanti warns of authentication bypass vulnerability (CVE-2024-22024) in Connect Secure, Policy Secure, and ZTA gateways, allowing remote access to unpatched appliances. No evidence of customer exploitation, but immediate action is recommended. Over 20,000 ICS VPN gateways tracked online. Ivanti devices targeted in zero-day attacks. Security patches released. CISA orders disconnection … Read more