News

TechCrunch1y
Ivanti warns customers another zero-day is under active attack
U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out ...
Ars Technica1y
Agencies using vulnerable Ivanti products have until Saturday to disconnect them - Ars Technica
Ivanti disclosed two new critical vulnerabilities in Connect Secure on Wednesday, tracked as CVE-2024-21888 and CVE-2024-21893. The company said that CVE-2024-21893—a class of vulnerability ...
Bleeping Computer10mon
Ivanti warns of critical vTM auth bypass with public exploit - BleepingComputer
Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts.
Bleeping Computer9mon
Ivanti warns of three more CSA zero-days exploited in attacks - BleepingComputer
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.
TechRepublic1y
New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches - TechRepublic
Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by ...