New Ivanti Connect Secure Zero-Day Exploited by Threat Actors | allinfosecnews.com

Feb. 6, 2024, 6:04 p.m. | Team Nuspire

Security Boulevard securityboulevard.com

Software company Ivanti has recently raised the alarm about two new vulnerabilities impacting its products: Connect Secure, Policy Secure and ZTA gateways. Read on to learn more. Tell me more about the Ivanti zero-days The first of these vulnerabilities, tagged as CVE-2024-21893, is a zero-day flaw that’s currently being actively exploited. This flaw is a server-side request forgery issue in the SAML component of the gateways, which allows attackers to sidestep authentication and gain access to restricted areas on the …

actively exploited alarm blog connect cve cve-2024-21893 exploited flaw gateways ivanti ivanti connect secure learn policy products software threat threat actors vulnerabilities zero-day zero-day flaw zero-days zta

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Controlled Data Races In Enclaves: Attacks And Detection 13 hours ago | securityboulevard.com

access attacks authors channel +16

What is Secure Code Review and How to Conduct it? 21 hours ago | securityboulevard.com

application assurance automated cloud security +19

Why Bot Management Should Be a Crucial Element of Your Marketing Strategy 1 day, 5 hours ago | securityboulevard.com

address advanced bot protection analytics application security +15

Cloud Monitor Identifies and Remediates Problematic VPN Use in K-12 Districts 1 day, 6 hours ago | securityboulevard.com

chief cloud cybersecurity director +24

Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds 1 day, 8 hours ago | securityboulevard.com

blockchain cryptocurrency crypto scam cyberlaw +24

Votiro Keeps Up the Momentum in 2024 1 day, 8 hours ago | securityboulevard.com

blog momentum security security boulevard +1

Novel Threat Tactics, Notable Vulnerabilities, and Current Trends for April 2024 1 day, 9 hours ago | securityboulevard.com

april blog posts center clients +32

USENIX Security ’23 – AEX-Notify: Thwarting Precise Single-Stepping Attacks Through Interrupt Awareness For Intel SGX … 1 day, 9 hours ago | securityboulevard.com

access attacks authors awareness +15

North Korea IT Worker Scam Brings Malware and Funds Nukes 1 day, 9 hours ago | securityboulevard.com

analytics & intelligence api security appsec careers +60

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com