Researchers say attackers are mass-exploiting new Ivanti VPN flaw


Key Topics in this News Article:

News Snapshot:

Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws — tracked as CVE-2024-21888 and CVE-2024-21893 — affecting Connect Secure, its remote access VPN solution used by thousands of corporations and large organizations worldwide. According to its website, Ivanti has more than 40,000 customers, including universities, healthcare organizations, and banks, whose technology allows their employees to log in from outside the office. The disclosure came not long after Ivanti confirmed two earlier bugs in Connect Secure, tracked as CVE-2023-46805 and...