Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which …

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in the near future: Horizon3.ai researchers have publis…

Ivanti CSA Vulnerability Exploited in Attacks Days After Disclosure

The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.
The post Ivanti CSA Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek.

CISA warns of hackers exploiting bug for end-of-life Ivanti product

Ivanti’s Cloud Service Appliance has a “high severity vulnerability” being exploited in the wild.

The post CISA warns of hackers exploiting bug for end-of-life Ivanti product appeared first on CyberScoop.

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use it …

September 2024 Patch Tuesday forecast: Downgrade is the new exploit

I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities were announced, w…

Infosec products of the month: August 2024

Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortani…