Tag: ivanti
-
CVSS 10.0 – Alarmstufe Rot für die Cloud Services Application von Ivanti
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/ivanti-cloud-services-sicherheitsupdate-a-af37ebf25237d03e0e394e141d611278/
-
Sicherheitslücken/Schadsoftware, Hacks (Dez. 2024): Windows, 7-Zip, Ivanti etc.
by
in SecurityNewsNoch ein kleiner Sammelbeitrag zu Schwachstellen in diversen Produkten wie Windows, Ivanti Cloud-Apps, 7-Zip, Windows 9-Days, Dell Software, und mehr. Manche Schwachstellen sind gepatcht, für andere gibt es ein Exploit oder sie werden ausgenutzt. Weiterhin konnten Sicherheitsforscher die MFA für … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/14/sicherheitsluecken-und-schadsoftware-dez-2024-7-zip-ivanti/
-
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
by
in SecurityNewsIvanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.The list of vulnerabilities is as follows -CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that…
-
Ivanti warns of maximum severity CSA auth bypass vulnerability
by
in SecurityNewsIvanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/
-
Security Pros Positive About GenAI in Cyber, Despite Raising Attack Severity
by
in SecurityNewsIvanti research found that security professionals are eight-times more likely to say GenAI is a net positive versus a net negative for cybersecurity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-pros-genai-attack/
-
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
by
in SecurityNewsWritten by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by Yann Lehmann) Summary Ivanti Connect Secure (ICS) and … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/01/11/ivanti-connect-secure-policy-secure-cve-2023-46805-cve-2024-21887-combine-for-unauthenticated-rce/
-
Ivanti Patches 50 Vulnerabilities Across Several Products
by
in SecurityNewsIvanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client. The post Ivanti Patches 50 Vulnerabilities Across Several Products appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-patches-50-vulnerabilities-across-several-products/
-
Ivanti Warns of Critical Vulnerabilities in Connect Secure, Policy Secure Secure Access
by
in SecurityNewsIvanti, the well-known provider of IT asset and service management solutions, has issued critical security updates for its products Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC). These updates address multiple vulnerabilities, including medium, high, and critical severity issues, which, if exploited, could lead to denial of service (DoS), privilege escalation, and…
-
Ivanti patcht Endpoint Manager, Avalanche, VPN- und NAC-Software
by
in SecurityNewsIvanti bessert zahlreiche, teils kritische Sicherheitslücken in diversen Produkten aus. IT-Verwantwortliche sollten aktiv werden. First seen on heise.de Jump to article: www.heise.de/news/Ivanti-patcht-Endpoint-Manager-Avalanche-VPN-und-NAC-Software-10030118.html
-
Ivanti zero-day vulnerabilities exploited in chained attack
by
in SecurityNewsThe new exploit chains targeting Ivanti Cloud Service Application customers are connected to a previously disclosed critical path traversal flaw, CVE-… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613041/Ivanti-zero-day-vulnerabilities-exploited-in-chained-attack
-
New infosec products of the week: October 25, 2024
by
in SecurityNewsHere’s a look at the most interesting products from the past week, featuring releases from Fastly, IBM, Ivanti, Kusari, and Nucleus Security. IBM Guar… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/25/new-infosec-products-of-the-week-october-25-2024/
-
More Ivanti vulnerabilities exploited in the wild
by
in SecurityNewsThree vulnerabilities in Ivanti products have come under attack by unknown threat actors in recent weeks, including two flaws in the company’s Cloud S… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366611897/More-Ivanti-vulnerabilities-exploited-in-the-wild
-
Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a … First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/nation-state-attackers-exploiting.html
-
Serious Adversaries Circle Ivanti CSA Zero-Day Flaws
Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent acc… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/serious-adversaries-circle-ivanti-csa-flaws
-
Updates dringend notwendig – Ivanti veröffentlicht Security Advisory für kritische Sicherheitslücken
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-ivanti-cloud-services-appliance-a-a4099c534e081d4a2668d56045d7b5cb/
-
CVE-2024-9381 Ivanti CSA Security Vulnerability October 2024
by
in SecurityNewsA critical vulnerability (CVE-2024-9381) in Ivanti’s Cloud Services Appliance allows attackers to bypass security measures and execute arbitrary code…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/cve-2024-9381-ivanti-csa-security-vulnerability-october-2024/
-
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
by
in SecurityNewsIvanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild…. First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/zero-day-alert-three-critical-ivanti.html
-
Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks
by
in SecurityNewsFortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services Appliance (CSA). T… First seen on securityonline.info Jump to article: securityonline.info/suspected-nation-state-adversary-exploits-ivanti-csa-in-a-series-of-sophisticated-attacks/
-
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog… First seen on securityaffairs.com Jump to article: securityaffairs.com/169804/hacking/u-s-cisa-adds-fortinet-products-and-ivanti-csa-bugs-known-exploited-vulnerabilities-catalog.html
-
3 More Ivanti Cloud Vulns Exploited in the Wild
by
in SecurityNewsThe security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the securi… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/three-more-ivanti-cloud-vulns-exploited
-
Ivanti CSA bugs leveraged in suspected nation-state attack
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-csa-bugs-leveraged-in-suspected-nation-state-attack
-
Nation-state actor exploited three Ivanti CSA zero-days
by
in SecurityNewsAn alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard … First seen on securityaffairs.com Jump to article: securityaffairs.com/169778/apt/ivanti-cloud-service-appliance-three-zero.html
-
Ivanti stopft ausgenutzte Sicherheitslücken und mehr
by
in SecurityNews
Tags: ivantiFirst seen on heise.de Jump to article: www.heise.de/news/Ivanti-stopft-ausgenutzte-Sicherheitsluecken-und-mehr-9974839.html
-
CISA Adds Fresh Ivanti Vuln, Critical Fortinet Bug To Hall Of Shame
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36454/CISA-Adds-Fresh-Ivanti-Vuln-Critical-Fortinet-Bug-To-Hall-Of-Shame.html
-
Chinese State Hackers Main Suspect in Recent Ivanti CSA Zero-Day Attacks
Fortinet believes state-sponsored threat actors are behind the recent attacks involving exploitation of Ivanti CSA zero-days. The post Chinese State H… First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-csa-zero-day-exploitation-attributed-to-state-sponsored-hackers/
-
Ivanti patches exploited admin command execution flaw
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/09/20/patch_up_ivanti_fixes_exploited/
-
Trio of Ivanti CSA zero-day vulnerabilities under exploit threat
by
in SecurityNewsFirst seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ivanti-zero-day-vulnerabilities-exploitation/729354/
-
Vulnerability Recap 10/01/24 NVIDIA, Ivanti Newcomer Kia See Issues
by
in SecurityNewsFirst seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-october-01-2024/
-
CISA issues warning about another Ivanti flaw under active attack
by
in SecurityNewsThe U.S. IT software giant confirmed this week that the vulnerability, fixed in May, is now being used to target a limited number of Ivanti customers…. First seen on techcrunch.com Jump to article: techcrunch.com/2024/10/03/cisa-issues-warning-about-another-ivanti-flaw-under-active-attack/
-
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
by
in SecurityNewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company … First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/ivanti-endpoint-manager-flaw-actively.html