Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft.
The post Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor appeared first on SecurityWeek.
Exploitation of Another Ivanti VPN Vulnerability Observed
Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins.
The post Exploitation of Another Ivanti VPN Vulnerability Observed appeared first on SecurityWeek.
Ivanti Patches High-Severity Vulnerability in VPN Appliances
An XXE flaw in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways could lead to unauthenticated access to resources.
The post Ivanti Patches High-Severity Vulnerability in VPN Appliances appeared first on SecurityWeek.
CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products
In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.
The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared first on SecurityWeek.
After Delays, Ivanti Patches Zero-Days and Confirms New Exploit
Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.”
The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek.
Ivanti Struggling to Hit Zero-Day Patch Release Schedule
Ivanti is struggling to hit its own timeline for the delivery of patches for critical — and already exploited — flaws in its flagship VPN appliances.
The post Ivanti Struggling to Hit Zero-Day Patch Release Schedule appeared first on SecurityWeek.
CISA Issues Emergency Directive on Ivanti Zero-Days
The US government’s cybersecurity agency CISA ramps up the pressure on organizations to mitigate two exploited Ivanti VPN vulnerabilities.
The post CISA Issues Emergency Directive on Ivanti Zero-Days appeared first on SecurityWeek.
Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases
The number of Ivanti VPN appliances compromised through exploitation of recent flaws increases and another vulnerability is added to exploited list.
The post Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases appeared first on SecurityWeek.
Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins
The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech.
The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek.
Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout
Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release.
The post Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout appeared first on SecurityWeek.