This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove new-ivanti-zero-day-vulnerability
Remove Blog Related Topics
Cybersecurity Threat Reports Threat Detection Cyber threats Encryption Risk Accountability Technology Architecture Data breaches More Related Topics >
article thumbnail

New Ivanti Zero-Day Vulnerability Allows Hackers to Access Sensitive APIs

Heimadal Security

AUGUST 23, 2023

Researchers observed a critical Ivanti Sentry API authentication bypass vulnerability exploited in the wild. The flaw was dubbed CVE-2023-38035 and it enables authentication bypass on Ivanti Sentry versions 9.18 and prior, due to improper Apache HTTPD configuration.

Authentication 87
Authentication Cybersecurity 87
article thumbnail

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 99
VPN Malware Authentication Hacking 99
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug

Security Affairs

AUGUST 3, 2023

Researchers discovered a bypass for a recently fixed actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). Rapid7 cybersecurity researchers have discovered a bypass for the recently patched actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). and below). and below).

Mobile 82
Mobile Authentication Internet Internet 82
article thumbnail

Microsoft Patch Tuesday, October 2020 Edition

Krebs on Security

OCTOBER 13, 2020

Eleven of the vulnerabilities earned Microsoft’s most-dire “critical” rating, which means bad guys or malware could use them to gain complete control over an unpatched system with little or no help from users. For any of you who’ve been pining for a Flash Player patch from Adobe , your days of waiting are over.

Backups 320
Backups Malware Engineering Software 320
article thumbnail

Hackers exploit unpatched vulnerabilities, zero day to attack governments and contractors

SC Magazine

APRIL 20, 2021

While specific companies were not named, defense contractors were among those targeted as part of a campaign by at least two hacking groups that leveraged vulnerabilities Pulse Secure VPN devices. Mandiant outlined 12 malware families that they observed actively exploiting vulnerabilities in Pulse Secure VPN devices dating back to last year.

Government 104
Government VPN Malware Software 104
article thumbnail

Ransomware rolled through business defenses in Q2 2022

Malwarebytes

JULY 13, 2022

Over the last three months, ransomware gangs have increased the pressure by multiplying in number and unleashing targeted attacks on vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. Hive also compromised a California healthcare nonprofit later in the month.

Ransomware 108
Ransomware Manufacturing Government Computers and Electronics 108
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 29,000+ Insiders by signing up for our newsletter

About
Webinars
About
Editions
Webinars
Editions
Topics
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024