all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)

Add to bookmarks
Jan. 11, 2024, 11:35 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. Patches for these flaws are currently unavailable, but the risk of exploitation can be mitigated by importing mitigation.release.20240107.1.xml file via Ivanti’s download portal. About the vulnerabilities (CVE-2023-46805 and CVE-2024-21887) The two security flaws affect all supported versions (v9.x and 22.x) of Ivanti Connect Secure (ICS) – formerly known as Pulse Connect Secure – … More


The post …

0 day apt attackers backdoor connect cve devices don't miss download enterprise exploitation exploited file flaws hot stuff ivanti mitigation patches portal release researchers risk secure vpn under volexity vpn vulnerabilities web shell xml zero-day zero-days zero-day vulnerabilities

Visit resource

More from www.helpnetsecurity.com / Help Net Security

ESET launches two MDR subscription tiers for SMBs and enterprises an hour ago | www.helpnetsecurity.com
and response businesses detection detection and response +15
ThreatX provides always-active API security from development to runtime an hour ago | www.helpnetsecurity.com
api api security application application protection +19
CyberQP unveils solutions to help MSPs proactively prevent security incidents 2 hours ago | www.helpnetsecurity.com
account api capabilities cyberqp +16
Triangulation fraud: The costly scam hitting online retailers 5 hours ago | www.helpnetsecurity.com
ai-powered america artificial intelligence attacks +33
Tracecat: Open-source SOAR 6 hours ago | www.helpnetsecurity.com
ai models alerts automation best practices +20
Why the automotive sector is a target for email-based cyber attacks 6 hours ago | www.helpnetsecurity.com
abnormal abnormal security advanced attacks +28
Passwords under seven characters can be easily cracked 7 hours ago | www.helpnetsecurity.com
algorithms can characters crack +17
Security analysts believe more than half of tasks could be automated 7 hours ago | www.helpnetsecurity.com
analysts anomali artificial intelligence automated +22
eBook: Do you have what it takes to lead in cybersecurity? 8 hours ago | www.helpnetsecurity.com
can cybersecurity cybersecurity field cybersecurity teams +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs