Security News

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors.As instructed by emergency directive ED 24-01, federal agencies now must promptly implement Ivanti's publicly disclosed mitigation measures to block attack attempts.

A Chinese hacking group has been exploiting a critical vCenter Server vulnerability as a zero-day since at least late 2021. In the next stage, they exploited the CVE-2023-20867 VMware Tools authentication bypass flaw to escalate privileges, harvest files, and exfiltrate them from guest VMs. While, until now, Mandiant didn't know how the attackers gained privileged access to victims' vCenter servers, the link was made evident in late 2023 by a VMware vmdird service crash minutes before the backdoors' deployment closely matching CVE-2023-34048 exploitation.

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day with an existing exploit.V8 is an open-source JavaScript and WebAssembly engine developed by the Chromium Project for Chromium and Google Chrome web browsers.

Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds...

Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities.The two zero-days impact the Netscaler management interface and expose unpatched Netscaler instances to remote code execution and denial-of-service attacks, respectively.

Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide to Windows, Mac, and Linux users less than a week after being reported to Google.

There's a "Reasonable chance" that Ivanti Connect Secure VPN users are already compromised if they didn't apply the vulnerability mitigation released last week, experts say. The latest data from Volexity shows that successful exploits of two Ivanti zero-days have accelerated sharply to more than 1,700 devices.

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. While Ivanti is yet to release patches for these two actively exploited zero-days, admins are advised to apply mitigation measures provided by the vendor on all ICS VPNs on their network.

Social engineer reveals effective tricks for real-world intrusionsIn this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Understanding zero-trust design philosophy and principlesIn this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy.

Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team. The software biz disclosed the vulnerabilities in Ivanti Connect Secure - the VPN server appliance previously known as Pulse Connect Secure - and its Policy Secure gateways on Wednesday.