Ivanti Vulnerabilities
CISA and FBI Issue Alert on OS Command Injection Vulnerabilities
CISA and FBI issued a critical advisory on July 10, 2024, urging software companies to review their products and eliminate OS command injection vulnerabilities at the source. This urgent call comes in ...
Ivanti CEO Promises Stronger Security After a Year of Flaws
Ivanti CEO Jeff Abbott, in an open letter and a video, outlined the steps the embattled company is taking to improve its security ...
Irony of Ironies: CISA Hacked — ‘by China’
Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti ...
CISA, Mandiant Warn of a Worsening Situation for Ivanti Users
The federal government and cybersecurity teams are warning organizations that threat groups are exploiting multiple flaws in Ivanti’s VPN appliances despite the vendor’s Integrity Checking Tool (ICT) and even after factory resets ...
Ivanti Pulse Secure Found Using End of Life CentOS 6 OS
Ivanti Pulse Secure VPN appliances have recently been a target of several sophisticated attacks, highlighting the ongoing challenges in safeguarding critical IT infrastructure like network devices. UNC5221, a nation-state group, exploited these ...
New Malware in Exploits Targeting Ivanti Vulnerabilities
Google-owned Mandiant has uncovered a new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malwares have been utilized by several threat groups, including the China-nexus espionage group ...
Mitigate Ivanti Vulnerabilities: CISA Issues Emergency Directive
In recent times, the cybersecurity landscape has witnessed a surge in threats targeting Ivanti Connect Secure and Ivanti Policy Secure solutions. The Cybersecurity and Infrastructure Security Agency (CISA) has raised a red ...