Ivanti Endpoint Manager

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based Read more…

Ivanti vTM Vulnerability

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns Sep 25, 2024Ravie LakshmananVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active Read more…

Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS Read more…

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – Read more…

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While Read more…

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows – CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient Read more…

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, Read more…