Ivanti: VPN appliances vulnerable if pushing configs after mitigation

Jan. 22, 2024, 6:24 p.m. | Sergiu Gatlan

BleepingComputer www.bleepingcomputer.com

Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. [...]

attacks device exploiting ivanti mitigation mitigations security vpn vulnerabilities vulnerable zero-day zero-day vulnerabilities

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Android bug can leak DNS traffic with VPN kill switch enabled 10 hours ago | www.bleepingcomputer.com

android android devices block bug +15

NSA warns of North Korean hackers exploiting weak DMARC email policies 12 hours ago | www.bleepingcomputer.com

apt43 attacks authentication dmarc +19

Google rolls back reCaptcha update to fix Firefox issues 14 hours ago | www.bleepingcomputer.com

back bug captcha firefox +11

NATO and EU condemn Russia's cyberattacks against Germany, Czechia 15 hours ago | www.bleepingcomputer.com

apt28 campaign countries cyber +14

Microsoft rolls out passkey auth for personal Microsoft accounts 16 hours ago | www.bleepingcomputer.com

accounts auth authenticate biometric +20

CEO who sold fake Cisco devices to US military gets 6 years in prison 1 day, 9 hours ago | www.bleepingcomputer.com

ceo cisco companies counterfeit +14

Bitwarden launches new MFA Authenticator app for iOS, Android 1 day, 11 hours ago | www.bleepingcomputer.com

android android devices app authenticator +12

CISA urges software devs to weed out path traversal vulnerabilities 1 day, 11 hours ago | www.bleepingcomputer.com

cisa companies fbi path +9

Police shuts down 12 fraud call centres, arrests 21 suspects 1 day, 13 hours ago | www.bleepingcomputer.com

albania arrests bosnia bosnia and herzegovina +17

Principal Security Engineer

@ Elsevier | Home based-Georgia

View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara

View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States

View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru

View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France

View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines

View on infosec-jobs.com

View more jobs

all InfoSec news

Ivanti: VPN appliances vulnerable if pushing configs after mitigation

More from www.bleepingcomputer.com / BleepingComputer

Jobs in InfoSec / Cybersecurity

Principal Security Engineer

Infrastructure Compliance Engineer

Information Systems Security Engineer (ISSE) / Cybersecurity SME

Sales Security Analyst

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

Third Party Cyber Risk Analyst