Vulnerabilities Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure. Eduard KovacsSeptember 16, 2024
Vulnerabilities Ivanti Patches Critical Vulnerabilities in Endpoint Manager Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control. Ionut ArghireSeptember 11, 2024
Vulnerabilities Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager Ivanti has released patches for multiple vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including critical bugs. Ionut ArghireAugust 14, 2024
Vulnerabilities Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager Ivanti has released product updates to resolve multiple vulnerabilities, including critical code execution flaws in Endpoint Manager. Ionut ArghireMay 22, 2024
Nation-State MITRE Hack: China-Linked Group Breached Systems in December 2023 MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities. Eduard KovacsMay 7, 2024
Vulnerabilities Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. Ionut ArghireApril 17, 2024
Network Security Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. Ionut ArghireApril 8, 2024
Government Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. Ryan NaraineApril 4, 2024
Vulnerabilities Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild. Eduard KovacsMarch 26, 2024
Vulnerabilities Ivanti Patches Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM Ivanti has released patches for two critical-severity vulnerabilities leading to arbitrary command execution. Ionut ArghireMarch 21, 2024
Government Governments Urge Organizations to Hunt for Ivanti VPN Attacks Credentials stored on Ivanti VPN appliances impacted by recent vulnerabilities are likely compromised, government agencies say. Ionut ArghireMarch 1, 2024
Malware & Threats Chinese Cyberspies Use New Malware in Ivanti VPN Attacks Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades. Ionut ArghireFebruary 28, 2024