Security News

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

2024-03-01 06:26

The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure...

#exploitation #gateway #ivanti #vulnerabilities

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

2024-02-15 05:19

Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as...

#critical #CVE #exchange #exploitation #server #CVE-2024-21410

Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation

2024-02-09 07:45

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the...

#critical #exploitation #fortinet #fortios #SSL #VPN #CVE-2024-21762

Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

2024-02-06 06:58

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver...

#exploitation #ivanti #ssrf #VPN #CVE-2024-21893

Newest Ivanti SSRF zero-day now under mass exploitation

2024-02-05 15:55

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers. The exploitation volume of this particular vulnerability is far greater than that of other recently fixed or mitigated Ivanti flaws, indicating a clear shift in the attackers' focus.

#exploitation #ivanti #ssrf #zeroday #CVE-2024-21893

CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability

2024-02-01 05:02

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities...

#apple #cisa #exploitation #IOS #macos #vulnerability #CVE-2022-48618

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

2024-01-31 13:38

Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of...

#exploitation #ivanti #zeroday #CVE-2024-21888

~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation

2024-01-23 09:34

Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public...

#attack #confluence #critical #exploitation #RCE #CVE-2023-22527

Ivanti Connect Secure zero-days now under mass exploitation

2024-01-16 01:05

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. While Ivanti is yet to release patches for these two actively exploited zero-days, admins are advised to apply mitigation measures provided by the vendor on all ICS VPNs on their network.

#exploitation #ivanti #zeroday

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

2024-01-12 06:35

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV)...

#cisa #exploitation #microsoft #sharepoint #vulnerability #CVE-2023-29357

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News