CRN

Ivanti VPN Attacks Started In Mid-December, May Have Links To China: Mandiant

Researchers at the Google Cloud-owned cybersecurity specialist say they know of ‘multiple organizations’ impacted by the exploitation of a critical Ivanti Connect Secure vulnerability. Attacks ...
Ars Technica

Ivanti warns of critical vulnerability in its popular line of endpoint protection software

Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected ...
Dark Reading

Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet

Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect ...
Ars Technica

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used ...
Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The Ivanti Endpoint Manager Mobile (EPMM) zero-day attacks, which began last spring and lasted well into the summer as attackers took advantage of patching lag, were one of the top cyber-stories of ...