all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Add to bookmarks
Jan. 16, 2024, 10:40 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score […]

breaking news connect cve cve-2023-46805 cve-2024-21887 experts exploitation exploited exploiting flaws hacking ics information security news it information security ivanti ivanti connect secure vpn pierluigi paganini policy secure vpn software threat threat actors vpn vulnerabilities week zero-day zero-day vulnerabilities

Visit resource

More from securityaffairs.co / Security Affairs

Google fixes fifth actively exploited Chrome zero-day this year 7 hours ago | securityaffairs.co
actively exploited address breaking news browser +24
Russia-linked APT28 targets government Polish institutions 8 hours ago | securityaffairs.co
apt apt28 attacks attribution +19
Citrix warns customers to update PuTTY version installed on their XenCenter system manually 14 hours ago | securityaffairs.co
address admin attackers breaking news +26
Dell discloses data breach impacting millions of customers 1 day, 1 hour ago | securityaffairs.co
addresses breach breaking news customers +21
Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs 1 day, 6 hours ago | securityaffairs.co
botnet breaking news bugs connect +30
Zscaler is investigating data breach claims 1 day, 8 hours ago | securityaffairs.co
access breach breaking news claims +22
Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover 1 day, 12 hours ago | securityaffairs.co
accounts admin assets big +25
LockBit gang claimed responsibility for the attack on City of Wichita 1 day, 23 hours ago | securityaffairs.co
attack city city of wichita cyber crime +25
New TunnelVision technique can bypass the VPN encapsulation 2 days, 1 hour ago | securityaffairs.co
actor attack breaking news bypass +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Offensive Cyber Analyst

@ PeopleTec | HUNTSVILLE, AL, United States
View on infosec-jobs.com

Cyber Systems Administrator

@ Peraton | San Diego, CA, United States
View on infosec-jobs.com

Senior Security Analyst (SOC)

@ Accesa & RaRo | Cluj-Napoca, Romania
View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, United Kingdom
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Technical Product Manager, Electronic Warfare

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com
View more jobs