Latest Ivanti news

Chemical facilities warned of possible data theft in CISA CSAT breach

CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans.
- Lawrence Abrams
- June 24, 2024
- 04:53 PM
- 1
MITRE says state hackers breached its network via Ivanti zero-days

The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.
- Sergiu Gatlan
- April 19, 2024
- 03:02 PM
- 4
Ivanti warns of critical flaws in its Avalanche MDM solution

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.
- Sergiu Gatlan
- April 16, 2024
- 03:52 PM
- 0
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.
- Bill Toulas
- April 05, 2024
- 01:40 PM
- 0
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways.
- Sergiu Gatlan
- April 03, 2024
- 01:29 PM
- 0
Ivanti fixes critical Standalone Sentry bug reported by NATO

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.
- Sergiu Gatlan
- March 20, 2024
- 01:08 PM
- 0
CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets.
- Sergiu Gatlan
- February 29, 2024
- 03:35 PM
- 1
Over 13,000 Ivanti gateways vulnerable to actively exploited bugs

Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched.
- Bill Toulas
- February 15, 2024
- 10:30 AM
- 0
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.
- Bill Toulas
- February 12, 2024
- 11:20 AM
- 0
Ivanti: Patch new Connect Secure auth bypass bug immediately

Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately.
- Sergiu Gatlan
- February 08, 2024
- 02:45 PM
- 0
Newest Ivanti SSRF zero-day now under mass exploitation

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.
- Bill Toulas
- February 05, 2024
- 10:55 AM
- 1
CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday.
- Sergiu Gatlan
- February 01, 2024
- 08:49 AM
- 0
Ivanti warns of new Connect Secure zero-day exploited in attacks

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation.
- Sergiu Gatlan
- January 31, 2024
- 08:41 AM
- 0
Ivanti: VPN appliances vulnerable if pushing configs after mitigation

Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities.
- Sergiu Gatlan
- January 22, 2024
- 01:24 PM
- 0
CISA emergency directive: Mitigate Ivanti zero-days immediately

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors.
- Sergiu Gatlan
- January 19, 2024
- 02:25 PM
- 0
CISA: Critical Ivanti auth bypass bug now actively exploited

CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation.
- Sergiu Gatlan
- January 18, 2024
- 03:51 PM
- 0
Ivanti Connect Secure zero-days now under mass exploitation

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation.
- Sergiu Gatlan
- January 15, 2024
- 08:05 PM
- 0
Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes.
- Bill Toulas
- January 12, 2024
- 10:30 AM
- 0
Ivanti warns of Connect Secure zero-days exploited in attacks

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited by suspected Chinese hackers in the wild that can let remote attackers execute arbitrary commands on targeted gateways.
- Sergiu Gatlan
- January 10, 2024
- 01:53 PM
- 0
Ivanti warns critical EPM bug lets hackers hijack enrolled devices

Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server.
- Sergiu Gatlan
- January 04, 2024
- 04:37 PM
- 0