Tag: vulnerability
-
Chinese Espionage Group Targeting Legacy Ivanti VPN Devices
by
in SecurityNewsMore Evidence Surfaces of Chinese Hackers Targeting Ivanti Products. A suspected Chinese cyberespionage operation is behind a spate of malware left on VPN appliances made by Ivanti. The threat actor used a critical security vulnerability the Utah company patched in February. We are aware of a limited number of customers whose appliances have been exploited.…
-
CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers
by
in SecurityNewsResearchers attributed exploitation of the vulnerability to a suspected China-based cyberespionage group tracked as UNC5221. First seen on therecord.media Jump to article: therecord.media/cisa-ivanti-firewall-bug-exploitation
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
by
in SecurityNewsApril 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
CISA Urges Patching For ‘Critical’ Ivanti VPN Flaw Exploited In Attacks
by
in SecurityNewsExploitation of a critical-severity Ivanti Connect Secure vulnerability prompted CISA to issue an advisory Friday, urging organizations to implement patches to fix the issue. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-urges-patching-for-critical-ivanti-vpn-flaw-exploited-in-attacks
-
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
by
in SecurityNewsIvanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have confirmed active exploitation of this vulnerability in the wild, targeting ICS 9.X (end-of-life) and earlier…
-
Call Records of Millions Exposed by Verizon App Vulnerability
by
in SecurityNewsA patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/call-records-of-millions-exposed-by-verizon-app-vulnerability/
-
Oracle Confirms The Data Breach- Starts Initiating Client Notifications
by
in SecurityNewsOracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking its second cybersecurity incident disclosed in recent weeks. This breach underscores vulnerabilities in legacy systems and raises concerns about the company’s ability to safeguard sensitive client data. Details of the Breach According to a Cyber Security News report, the breach was…
-
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
by
in SecurityNewsNo known exploits yet: Neither Endor Labs nor NIST’s NVD entry reported any exploit attempts using CVE-2025-30065 as of publication of this article. Apache silently pushed a fix with the release of 1.15.1 on March 16, 2025, with a GitHub redirect to changes made in the update.Endor Labs advised prompt patching of the vulnerability, which…
-
IT in Krankenhäusern: SIT-Sicherheitsstudie deckt signifikante Schwachstellen auf
by
in SecurityNews
Tags: vulnerabilityFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/it-krankenhaeuser-sit-sicherheitsstudie-aufdeckung-signifikante-schwachstellen
-
Oracle Reports Data Breach, Initiates Client Notifications
by
in SecurityNewsOracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking its second cybersecurity incident disclosed in recent weeks. This breach underscores vulnerabilities in legacy systems and raises concerns about the company’s ability to safeguard sensitive client data. Details of the Breach According to a Cyber Security News report, the breach was…
-
Rafts of Security Bugs Could Rain Out Solar Grids
by
in SecurityNewsAt least three major energy solution and renewable energy companies have nearly 50 vulnerabilities, many of them basic mistakes , indicating a lack of developed cybersecurity safeguards. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/security-bugs-could-rain-out-solar-grids
-
CVE-2025-22457: New Critical Ivanti Flaw Could Expose Entire Networks
by
in SecurityNewsOverview of the Vulnerability Ivanti has recently disclosed a significant security vulnerability, identified as CVE-2025-22457, affecting its Connect Secure, Policy Secure, and ZTA Gateway products. While specific details are pending, such vulnerabilities typically involve issues such as remote code execution,… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-22457-critical-ivanti-flaw/
-
Privilegierte Zugänge werden zum Sicherheitsrisiko
by
in SecurityNews
Tags: access, ai, api, apple, authentication, best-practice, cisco, cloud, cyber, cyberattack, dark-web, hacker, mail, malware, mfa, microsoft, password, phishing, ransomware, risk, service, tool, vpn, vulnerabilityKriminelle bevorzugen Phishing als Erstzugriffsmethode und nutzen legale Tools für unauffällige Angriffe auf sensible Systeme, wie eine aktuelle Studie herausfand.Der Missbrauch legitimer privilegierter Zugänge (legitimate privileged access) nimmt zu . Wie der Cisco Talos’ Jahresrückblick 2024 herausfand, nutzten Angreifer immer öfter gestohlene Identitäten für ihre Attacken, darunter auch Ransomware-Erpressungen. Dafür missbrauchen die HackerAnmeldedaten,Tokens,API-Schlüssel undZertifikate.Angriffe dieser…
-
Critical Apache Parquet Vulnerability Leads to Remote Code Execution
by
in SecurityNewsA critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-apache-parquet-vulnerability-leads-to-remote-code-execution/
-
Critical flaw in Apache Parquet’s Java Library allows remote code execution
by
in SecurityNewsExperts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution. Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as…
-
Benchmarks Find ‘DeepSeek-V3-0324 Is More Vulnerable Than Qwen2.5-Max’
by
in SecurityNewsWhile the latest iteration of Qwen2.5-Max outperforms DeepSeek-V3 on security, the AI model lags behind its competition in several other areas. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-qwen-2-5-deepseek-3-ai-model-security/
-
Critical Apache Parquet Vulnerability Allows Remote Code Execution
by
in SecurityNewsA severe vulnerability has been identified in the Apache Parquet Java library, specifically within itsparquet-avromodule. This flaw, tracked as CVE-2025-30065, exposes systems to potential Remote Code Execution (RCE) attacks. It has been ratedCriticalwith a CVSS score of 10.0, indicating the highest level of severity. The root cause is categorized asDeserialization of Untrusted Data (CWE-502). The vulnerability impacts systems…
-
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
by
in SecurityNews
Tags: china, espionage, exploit, flaw, hacker, ivanti, mandiant, remote-code-execution, vulnerabilityMandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-state-hackers-ivanti-flaw/
-
CVE-2025-22457: Critical Ivanti Connect Secure Vulnerability
by
in SecurityNewsSummary On April 3, 2025, Ivanti disclosed CVE-2025-22457 that impacts Ivanti Connect Secure VPN appliances, PulseConnect Secure(end of service), Ivanti Policy Secure, and ZTA Gateways. First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/04/04/cve-2025-22457-critical-ivanti-connect-secure-vulnerability/
-
The Ultimate Guide to Vulnerability Assessment
by
in SecurityNewsVulnerability assessment is a process that identifies security weaknesses of any IT system, network, application, or cloud environment. It is a proactive approach to detect and fix security gaps before… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/the-ultimate-guide-to-vulnerability-assessment/
-
AI programming copilots are worsening code security and leaking more secrets
by
in SecurityNews
Tags: access, ai, api, application-security, attack, authentication, best-practice, breach, ceo, ciso, container, control, credentials, cybersecurity, data, data-breach, github, government, incident response, injection, least-privilege, LLM, monitoring, open-source, openai, password, programming, risk, skills, software, strategy, tool, training, vulnerabilityOverlooked security controls: Ellen Benaim, CISO at enterprise content mangement firm Templafy, said AI coding assistants often fail to adhere to the robust secret management practices typically observed in traditional systems.”For example, they may insert sensitive information in plain text within source code or configuration files,” Benaim said. “Furthermore, because large portions of code are…
-
Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code
by
in SecurityNewsA critical security flaw has been discovered inHalo ITSM, an IT support management software widely deployed across cloud and on-premise environments. The vulnerability, which allows attackers to inject malicious SQL code, poses a significant threat to organizations relying on the software to manage IT support tickets containing sensitive data such as credentials and internal documentation.…
-
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
by
in SecurityNewsIvanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild.The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems.”A stack-based buffer overflow in Ivanti Connect…
-
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code
by
in SecurityNewsOpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to crash servers and potentially execute remote code under certain conditions. The flaw, identified as CVE-2025-2704, affects OpenVPN servers using specific configurations and has been addressed in the newly released version OpenVPN 2.6.14. CVE-2025-2704: Overview The vulnerability is…
-
Apache Traffic Server Flaw Allows Request Smuggling Attacks
by
in SecurityNewsA critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw enables attackers to exploit request smuggling via malformed chunked messages. Users of Apache Traffic Server are urged to upgrade to secure versions of the software immediately to mitigate potential risks. CVE-2024-53868 Details The vulnerability was…
-
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
by
in SecurityNewsA maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances.Apache Parquet is a free and open-source columnar data file format that’s designed for efficient data processing and retrieval, providing support for complex data, high-performance First seen…
-
Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices
by
in SecurityNewsScanning for Palo Alto Networks portals: Meanwhile, researchers at GreyNoise this week reported seeing a recent significant surge in login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect portals. GlobalProtect is an endpoint application that allows employees to access a company’s resources remotely.Over the last 30 days, nearly 24,000 unique IP addresses have attempted to access…
-
China-backed espionage group hits Ivanti customers again
by
in SecurityNewsUNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-espionage-group-ivanti-vulnerability-exploits/
-
Max severity RCE flaw discovered in widely used Apache Parquet
by
in SecurityNewsA maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/