Ivanti has released product updates to resolve multiple vulnerabilities, including critical code execution flaws in Endpoint Manager.
The post Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager appeared first on SecurityWeek.
MITRE Hack: China-Linked Group Breached Systems in December 2023
MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities.
The post MITRE Hack: China-Linked Group Breached Systems in December 2023 appeared first on SecurityWeek.
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product
Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution.
The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek.
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.
The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek.
Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz
Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization.
The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek.
Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks
CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild.
The post Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Ivanti Patches Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM
Ivanti has released patches for two critical-severity vulnerabilities leading to arbitrary command execution.
The post Ivanti Patches Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM appeared first on SecurityWeek.
Governments Urge Organizations to Hunt for Ivanti VPN Attacks
Credentials stored on Ivanti VPN appliances impacted by recent vulnerabilities are likely compromised, government agencies say.
The post Governments Urge Organizations to Hunt for Ivanti VPN Attacks appeared first on SecurityWeek.
Chinese Cyberspies Use New Malware in Ivanti VPN Attacks
Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades.
The post Chinese Cyberspies Use New Malware in Ivanti VPN Attacks appeared first on SecurityWeek.
Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor
Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft.
The post Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor appeared first on SecurityWeek.
