eSecurity Planet

JANUARY 16, 2024

The problem: Ivanti announced two vulnerabilities that affect Ivanti Connect Secure VPN and Ivanti Policy Secure products. Potential results of the exploits include authentication bypass and command injection. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall 107

Firewall Firmware IoT Authentication 107

eSecurity Planet

MARCH 4, 2024

February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. Azure-Connected IoT Vulnerable to Remote Code Execution Type of vulnerability: Internet of things (IoT) RCE vulnerability.

IoT 114

IoT Internet Internet Ransomware 114

eSecurity Planet

NOVEMBER 6, 2023

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 also adds Supplemental and Environmental safety measurements and values relevant to operational technology (OT), industrial control systems (ICS), and Internet of Things (IoT) contexts.

Software 110

Software Education Ransomware Firmware 110

eSecurity Planet

MAY 2, 2024

Password manager : Stores passwords securely, enforces quality, permits safe internal and external sharing, and ties into HR software for effective off-boarding of users. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources.

Cybersecurity 119

Cybersecurity DDOS Penetration Testing Passwords 119