ivanti
NSA says it’s tracking Ivanti cyberattacks as hackers hit US defense sector
The U.S. National Security Agency has confirmed that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector. NSA spokesperson Edward Bennett…
Researchers say attackers are mass-exploiting new Ivanti VPN flaw
Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws…
US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech
U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an…
Ivanti patches two zero-days under attack, but finds another
Ivanti warned on Wednesday that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance. Since early December, Chinese state-backed hackers have been exploiting Ivanti…
Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely used corporate VPN appliance. That’s according to cybersecurity company Volexity, which first reported last week that China state-backed…
State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet
U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of…
Ivanti warns customers another zero-day is under active attack
U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10, affects…
US, Norway say hackers have been exploiting Ivanti zero-day since April
Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software undetected for at least three months, U.S. and Norwegian cybersecurity agencies have warned. It was confirmed last week that…
Ivanti rushes to patch zero-day used to breach Norway’s government
Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software to compromise a dozen Norwegian government agencies — and thousands of other organizations could also be at risk. The…