CRN

CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
CRN

CISA: Using Ivanti VPNs May Pose ‘Significant Risk’

The agency released the warning Thursday following lab research on the exploitation of vulnerabilities in Connect Secure VPN devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
Ars Technica

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US ...
Bleeping Computer

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to ...
Bleeping Computer

CISA emergency directive: Mitigate Ivanti zero-days immediately

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws ...
Computer Weekly

How Ivanti views patch management with a security lens

Formerly known as LANDesk, Ivanti has gone beyond providing IT management products and services over time, delving into the converging business of helping businesses identify and patch security ...
TechRepublic

New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan ...
Business Wire

Ivanti Unveils New Capabilities for Ivanti Neurons Platform to Continue to Enable Customers to Optimize IT and Harden their Security Posture

SALT LAKE CITY--(BUSINESS WIRE)--Ivanti, the tech company that elevates and secures Everywhere Work, today announced the release of new capabilities for the Ivanti Neurons platform to improve the ...
TechCrunch

Researchers say attackers are mass-exploiting new Ivanti VPN flaw

Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws ...
TechCrunch

Ivanti rushes to patch zero-day used to breach Norway’s government

Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software to compromise a dozen Norwegian government agencies — and thousands of other organizations could also be at risk. The ...