all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

Add to bookmarks
Feb. 13, 2024, 10:58 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation Ivanti disclosed CVE-2024-21893 – a server-side request forgery (SSRF) vulnerability in the SAML component of Ivanti Connect Secure, Policy Secure and Neurons for ZTA – in late January, when it issued patches for affected devices. At the same time, the company also fixed CVE-2024-21888, … More →


The post …

attackers backdoor connect connect secure cve cve-2024-21893 devices don't miss exploit exploitation exploiting forgery hackers hot stuff inject ivanti ivanti connect secure novel orange cyberdefense patches policy policy secure request saml server server-side request forgery ssrf vulnerability vulnerable zta

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 12 hours ago | www.helpnetsecurity.com
accounts australia authentication bitwarden +24
LSA Whisperer: Open-source tools for interacting with authentication packages 1 day, 13 hours ago | www.helpnetsecurity.com
authentication azuread cybersecurity github +16
What AI can tell organizations about their M&A risk 1 day, 13 hours ago | www.helpnetsecurity.com
acquisition adoption ai adoption amp +19
Breaking down the numbers: Cybersecurity funding activity recap 1 day, 14 hours ago | www.helpnetsecurity.com
10 million aim aim security alethea +55
New infosec products of the week: April 26, 2024 1 day, 14 hours ago | www.helpnetsecurity.com
april capabilities cyber cyberint +21
Net neutrality has been restored 1 day, 23 hours ago | www.helpnetsecurity.com
actions broadband communications consumers +24
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 4 hours ago | www.helpnetsecurity.com
acronis aim and response cloud +22
Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 4 hours ago | www.helpnetsecurity.com
apis browser client client-side +26
IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 5 hours ago | www.helpnetsecurity.com
agreement capabilities cash cloud +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs