Przejdź do trybu offline z Player FM !
155 - iVanti's widespread exploitation
Manage episode 396664076 series 2872461
Enjoying the content? Let us know your feedback!
When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned.
Just before we get into iVanti, lets review the other top security news this week.
- Millions of passwords of top brands such as facebook and others were found for sale.
- SonicWall API attracts attacks that can impacts over 170 thousand firewalls.
- https://psirt.global.sonicwall.com: CVE-2022-22274
- https://psirt.global.sonicwall.com: CVE-2023-0656
- https://forums.ivanti.com: CVE-2023-46805 Authentication Bypass and CVE-2024-21887 Command Injection for Ivanti Connect Secure and Ivanti Policy Secure Gateways
- https://forums.ivanti.com: Pulse Connect Secure (PCS) Integrity Assurance
- https://www.mandiant.com: Suspected APT targets Ivanti zeroday
Be sure to subscribe!
If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
You will find a list of all previous episodes in there too.
193 odcinków
Manage episode 396664076 series 2872461
Enjoying the content? Let us know your feedback!
When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned.
Just before we get into iVanti, lets review the other top security news this week.
- Millions of passwords of top brands such as facebook and others were found for sale.
- SonicWall API attracts attacks that can impacts over 170 thousand firewalls.
- https://psirt.global.sonicwall.com: CVE-2022-22274
- https://psirt.global.sonicwall.com: CVE-2023-0656
- https://forums.ivanti.com: CVE-2023-46805 Authentication Bypass and CVE-2024-21887 Command Injection for Ivanti Connect Secure and Ivanti Policy Secure Gateways
- https://forums.ivanti.com: Pulse Connect Secure (PCS) Integrity Assurance
- https://www.mandiant.com: Suspected APT targets Ivanti zeroday
Be sure to subscribe!
If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
You will find a list of all previous episodes in there too.
193 odcinków
Wszystkie odcinki
×Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.