Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a Read more…
How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges Many organizations struggle with password policies that look strong on paper but fail in practice because they’re too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex Read more…
Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Read more…
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure î ‚Jan 11, 2024î „NewsroomCybersecurity / Zero-Day A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified Read more…