CISA tags critical Ivanti EPM flaws as actively exploited in attacks
#Security #Cybersecurity #CISA #VPN #Networking #Ivanti #PulseSecure #Vulnerability #Breach #ZeroDay
Mycology and defending against threats and vulnerability of mycelium is similar to Cyber in many ways. The devil is in the details... #Fortinet I feel vindicated for hand-crafted bare-metal Linux firewalls where I was in control of patches, scheduled jobs, iptables, htb, live monitoring, software updates and version controls... Shocked at how badly some device life cycles have been managed. #PulseSecure #Cisco make so much work. We pay for this trust in vendors more interested in profit than security.
We're still discovering further ramifications to #Ivanti's #PulseSecure vulnerabilities (#CVE_2023_46805 & #CVE_2024_21887). In February, we identified two new backdoors: #SparkCockpit & #SparkTar. Both backdoors employ selective interception of TLS communication, offer multiple degrees of persistence and access possibilities into the victim network (e.g., traffic tunneling through SOCKS proxy).
👀 Analysis & detection rules at https://blog.nviso.eu/2024/03/01/covert-tls-n-day-backdoors-sparkcockpit-sparktar/
The findings of our investigation have been independently corroborated by the research performed by Mandiant and have partially been observed by Fortinet.
My formerly favorite employer was swallowed by a corporation in 2021. 💔
It was very important to the corporation that the good #openvpn absolutely be replaced with #ivanti, or #pulsesecure as it was still called back then. Concerns didn't matter, because it was about compliance, not security.
Even pointers to Ivanti's CVE collection did not prompt a rethink. "Works for >100k" was a more relevant metric than various CVSS > 8.0. 🤷
Ivanti collects CVEs like others collect Pokémon.
Corporations: 😍
Security: 🙈
True facts. AFAICT, the #Ivanti mess is technical-debt chickens coming home to roost. I was at #NetScreen when we acquired #Neoteris (originators of the #SSLVPN product), and then over the next two decades #Juniper > #PulseSecure > #Ivanti have tortured that legacy codebase with everything from FrankenNAC to PE-driven developer offshoring to bolt-on cloud-service offerings. TBH the only thing that surprises me about this is that it took so long.
Pouring one out for what was truly a revolutionary #VPN solution when it debuted 20-some years ago...
#VPN #Fortinet: 3 vulnerabilities, including #Zerologon and #PulseSecure, allow 49,577 IPs to be collected!
#VPN #PulseSecure: password storage and encryption were accessible from the #Windows registry!
US presidential elections: #cyberattacks intensify via new and existing flaws relating to #VPN!
#security #Elections2020 #Zerologon #Citrix #MDM #PulseSecure
Feds Hit with Successful Cyberattack, Data Stolen - The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit. https://threatpost.com/feds-cyberattack-data-stolen/159541/ #microsoftoffice365credentials #dataexfiltration #federalagency #inetinfo.exe #cyberattack #pulsesecure #spycampaign #government #cisaalert #espionage #malware #exploit #hacks
#Monsoon: the flaw related to #PulseSecure affects the retailer and 45,000 user accounts!
#VPN #PulseSecure: data from more than 900 #servers laid bare!
https://blog.sosordi.net/…/vpn-pulse-secure-mise-a-nue-de-d…
Top 10 most exploited vulnerabilities list released by FBI, DHS CISA - The agencies say it's vital to prioritize patching. Otherwise, we're making it easy for attackers ... more: https://nakedsecurity.sophos.com/2020/05/15/top-10-most-exploited-vulnerabilities-list-released-by-fbi-dhs-cisa/ #objectlinkingandembedding #vulnerabilitylist #securitythreats #vulnerability #apachestruts #pulsesecure #adobeflash #sharepoint #office365 #exploits #malware #citrix #drupal #.net #cisa #ole #vpn
DHS Urges Pulse Secure VPN Users To Update Passwords - The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure V... more: https://threatpost.com/dhs-urges-pulse-secure-vpn-users-to-update-passwords/154925/ #credentialpassword #vulnerabilities #pulsesecurevpn #criticalflaw #pulsesecure #password #hacks #cisa #dhs
REvil ransomware exploiting VPN flaws made public last April - Researchers report flaws, vendors issue patches, organisations apply them - and everyone lives hap... more: https://nakedsecurity.sophos.com/2020/01/08/revil-ransomware-exploiting-vpn-flaws-made-public-last-april/ #badpacketsreport #securitythreats #vulnerability #pulsesecure #ransomware #sodinokibi #malware #revil #vpn
Sodinokibi Ransomware Behind Travelex Fiasco: Report - Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the c... more: https://threatpost.com/sodinokibi-ransomware-travelex-fiasco/151600/ #foreigncurrencyexchange #unpatchedservers #vulnerabilities #cve-2019-11510 #cve-2019-11539 #cyberattack #pulsesecure #ransomware #sodinokibi #travelex #malware #vpn