Security News > 2024 > January > CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
2024-01-20 04:31
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities – an authentication bypass
News URL
https://thehackernews.com/2024/01/cisa-issues-emergency-directive-to.html
Related news
- Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery (source)
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671) (source)
- PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers (source)
- PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) (source)
- QNAP QTS zero-day in Share feature gets public RCE exploit (source)
- Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024 (source)
- Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel (source)
- Zero-Day Exploits Cheat Sheet: Definition, Examples & How It Works (source)
- CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities (source)