News Snapshot:
Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, researchers said Monday. The new vulnerability, tracked as CVE-2024-21893, is what’s known as a server-side request forgery. Ivanti disclosed it on January 22, along with a separate vulnerability that so far has shown no signs of being exploited. Last Wednesday, nine days later, Ivanti said CVE-2024-21893 was under active exploitation, aggravating an already chaotic few weeks. All of the vulnerabilities affect Ivanti’s Connect Secure and Policy Secure VPN products. A tarnished reputation and...
News Timeline:
Track the development of related news across the Internet.
January 24, 2024
08:36
Mass exploitation of Ivanti VPNs is infecting networks around the globe
Source: arstechnica.com
December 20, 2023
06:14
Xfinity waited 13 days to patch critical Citrix Bleed 0-day. Now it’s paying the price
Source: ChinaTechNews.com
September 24, 2023
12:41
5 Eyes hold the secrets behind Trudeau’s charges. India must worry about its vulnerabilities
Source: ChinaTechNews.com
August 10, 2023
04:58
How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever
Source: arstechnica.com
August 3, 2023
06:09
Microsoft comes under blistering criticism for “grossly irresponsible” security
Source: arstechnica.com
June 2, 2023
22:57
Zero-click iOS exploit has been infecting iPhones with ‘Triangulation’ spyware since 2019
Source: techspot.com
