Tag: Ivanti
-
The Register: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers
Source URL: https://www.theregister.com/2025/01/23/proxylogon_flaw_salt_typhoons_open/ Source: The Register Title: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers Feedly Summary: But we mean, you’ve had nearly four years to patch One of the critical security flaws exploited by China’s Salt Typhoon to breach US telecom and government networks has had a…
-
Alerts: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/22/cisa-and-fbi-release-advisory-how-threat-actors-chained-vulnerabilities-ivanti-cloud-service Source: Alerts Title: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications Feedly Summary: CISA, in partnership with the Federal Bureau of Investigation (FBI), released Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications. This advisory was crafted in response to active exploitation of vulnerabilities—CVE-2024-8963,…
-
The Register: Fortinet: FortiGate config leaks are genuine but misleading
Source URL: https://www.theregister.com/2025/01/17/fortinet_fortigate_config_leaks/ Source: The Register Title: Fortinet: FortiGate config leaks are genuine but misleading Feedly Summary: Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid…
-
Unit 42: Threat Brief: CVE-2025-0282 and CVE-2025-0283
Source URL: https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/ Source: Unit 42 Title: Threat Brief: CVE-2025-0282 and CVE-2025-0283 Feedly Summary: CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident response case. The post Threat Brief: CVE-2025-0282 and CVE-2025-0283 appeared first on Unit 42. AI Summary and Description: Yes **Summary:** The text details…
-
Alerts: Ivanti Releases Security Updates for Multiple Products
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/14/ivanti-releases-security-updates-multiple-products Source: Alerts Title: Ivanti Releases Security Updates for Multiple Products Feedly Summary: Ivanti released security updates to address vulnerabilities in Ivanti Avalanche, Ivanti Application Control Engine, and Ivanti EPM. CISA encourages users and administrators to review the following Ivanti security advisories and apply the necessary guidance and updates: Ivanti Avalanche Ivanti Application…
-
Slashdot: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks
Source URL: https://it.slashdot.org/story/25/01/09/1535218/hackers-are-exploiting-a-new-ivanti-vpn-security-bug-to-hack-into-company-networks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks Feedly Summary: AI Summary and Description: Yes Summary: Ivanti has disclosed a critical zero-day vulnerability (CVE-2025-0282) in its widely utilized enterprise VPN appliance, which has been exploited to infiltrate the networks of corporate customers. This…
-
The Register: Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Source URL: https://www.theregister.com/2025/01/09/zeroday_exploits_ivanti/ Source: The Register Title: Zero-day exploits plague Ivanti Connect Secure appliances for second year running Feedly Summary: Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts “seriously" as Ivanti battles two…
-
Alerts: Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/08/ivanti-releases-security-updates-connect-secure-policy-secure-and-zta-gateways Source: Alerts Title: Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways Feedly Summary: Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system.CISA has added CVE-2025-0282…