Security News

Zero-day exploited right now in Palo Alto Networks' GlobalProtect gateways
2024-04-12 22:43

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
2024-04-05 17:40

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution flaw the vendor addressed earlier this week. The flaw is tracked as CVE-2024-21894 and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of service or achieve RCE by sending specially crafted requests.

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks
2024-04-03 17:29

While Ivanti said the remote code execution risks are limited to "Certain conditions," the company didn't provide details on the vulnerable configurations. "We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure," Ivanti added.

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities
2024-03-01 06:26

The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure...

CISA cautions against using hacked Ivanti VPN gateways even after factory resets
2024-02-29 20:35

The U.S. Cybersecurity and Infrastructure Security Agency revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. The authoring organizations encourage network defenders to assume that user and service account credentials stored within the affected Ivanti VPN appliances are likely compromised, hunt for malicious activity on their networks using the detection methods and indicators of compromise within this advisory, run Ivanti's most recent external ICT, and apply available patching guidance provided by Ivanti as version updates become available.

Secure email gateways struggle to keep pace with sophisticated phishing campaigns
2024-02-23 05:00

In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. "As we unveil the statistics from the 2024 Annual State of Email Security Report, it's evident that the email-based attack vector is evolving at an unprecedented pace going into 2024," said David Van Allen, CEO of Cofense.

Over 13,000 Ivanti gateways vulnerable to actively exploited bugs
2024-02-15 15:30

Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched. Starting with CVE-2024-22024, the issue is an XXE vulnerability in the SAML component of Ivanti Connect Secure, Policy Secure, and ZTA gateways that allowsunauthorized access to restricted resources.

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
2024-02-09 03:35

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The...

Critical Cisco bug exposes Expressway gateways to CSRF attacks
2024-02-07 18:22

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery attacks.Unauthenticated attackers can exploit the two critical CSRF vulnerabilities patched today to target unpatched Expressway gateways remotely.

Guarding the gateway: Securing dispersed networks
2023-11-28 05:00

The network is at an inflection point, and organizations' networks have become more dispersed amongst the cloud and on-prem, prompting a greater need for visibility today than ever. As the nature of the network shifts, teams face challenges securing their organization's infrastructure, and many fall short.