Three more vulns spotted in Ivanti CSA, all critical, one 10/10
Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker
Patches11 Dec 2024 | 2
Ivanti
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Usual three-week window to address significant risks to federal agencies applies
Cybersecurity Month10 Oct 2024 |
Ivanti patches exploited admin command execution flaw
Fears over chained attacks affecting EOL product
Patches20 Sep 2024 | 8
CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities
Crafty crims broke in but encryption stopped any nastiness
Cyber-crime25 Jun 2024 | 3
Ivanti commits to secure-by-design overhaul after vulnerability nightmare
CEO addresses whirlwind start to 2024 and how it plans to prevent a repeat
Security04 Apr 2024 | 19
Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holes
Plus: CISA pulls plug on couple of systems feared compromised
Cyber-crime08 Mar 2024 | 2
LockBit's contested claim of fresh ransom payment suggests it's been well hobbled
Infosec in brief ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns
Security04 Mar 2024 | 1
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it
Software company's claim of there being no active exploits also being questioned
Security09 Feb 2024 | 5
Ivanti devices hit by wave of exploits for latest security hole
At this point you might be better off just shutting the stuff down
Security05 Feb 2024 | 5
Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns
Many versions still without fixes while sophisticated attackers bypass mitigations
Patches31 Jan 2024 | 8
Ivanti and Juniper Networks accused of bending the rules with CVE assignments
Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE
Patches22 Jan 2024 | 7
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops
Cyber-crime20 Jan 2024 | 9
Ivanti zero-day exploits explode as bevy of attackers get in on the act
Customers still patchless and mitigation only goes so far
Cyber-crime16 Jan 2024 | 6
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in
Snoops had no fewer than five custom bits of malware to hand to backdoor networks
CSO13 Jan 2024 | 4
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits
Customers currently left patchless while attacks are expected to increase
Cyber-crime11 Jan 2024 | 6
Ivanti Sentry exploited in the wild, patches emitted
Good thing you're not exposing admin port 8443 to the world, right? Uh, right?
Patches22 Aug 2023 | 7
Ivanti plugs critical bug – but not before it was used against Norwegian government
Uncle Sam warns sysadmins to get patching as soon as possible
Patches26 Jul 2023 | 5
Biting the hand that feeds IT
