As if two Ivanti vulnerabilities under explot wasn't bad enough, now there are 3
Mass exploitation has begun for a critical vulnerability in Ivanti's VPN software, which comes as two other vulnerabilities are already being exploited.
The new vulnerability, tracked as CVE-2024-21893, is a server-side request forgery that has seen a rapid increase in attacks since its disclosure. [ more ]
CISA issues emergency directive for federal agencies to patch Ivanti VPN vulnerabilities
The Cybersecurity and Infrastructure Security Agency issued an emergency directive for federal agencies to patch their systems against a zero-day exploit in a VPN software.
The vulnerabilities in the software were publicly released by the software company on Jan. 10, and so far, the campaign has impacted at least 2,100 devices worldwide. [ more ]
As if two Ivanti vulnerabilities under explot wasn't bad enough, now there are 3
Mass exploitation has begun for a critical vulnerability in Ivanti's VPN software, which comes as two other vulnerabilities are already being exploited.
The new vulnerability, tracked as CVE-2024-21893, is a server-side request forgery that has seen a rapid increase in attacks since its disclosure. [ more ]
CISA issues emergency directive for federal agencies to patch Ivanti VPN vulnerabilities
The Cybersecurity and Infrastructure Security Agency issued an emergency directive for federal agencies to patch their systems against a zero-day exploit in a VPN software.
The vulnerabilities in the software were publicly released by the software company on Jan. 10, and so far, the campaign has impacted at least 2,100 devices worldwide. [ more ]