Go offline with the Player FM app!
155 - iVanti's widespread exploitation
Manage episode 396664076 series 2872461
Enjoying the content? Let us know your feedback!
When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned.
Just before we get into iVanti, lets review the other top security news this week.
- Millions of passwords of top brands such as facebook and others were found for sale.
- SonicWall API attracts attacks that can impacts over 170 thousand firewalls.
- https://psirt.global.sonicwall.com: CVE-2022-22274
- https://psirt.global.sonicwall.com: CVE-2023-0656
- https://forums.ivanti.com: CVE-2023-46805 Authentication Bypass and CVE-2024-21887 Command Injection for Ivanti Connect Secure and Ivanti Policy Secure Gateways
- https://forums.ivanti.com: Pulse Connect Secure (PCS) Integrity Assurance
- https://www.mandiant.com: Suspected APT targets Ivanti zeroday
Be sure to subscribe!
If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
You will find a list of all previous episodes in there too.
181 episodes
Manage episode 396664076 series 2872461
Enjoying the content? Let us know your feedback!
When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned.
Just before we get into iVanti, lets review the other top security news this week.
- Millions of passwords of top brands such as facebook and others were found for sale.
- SonicWall API attracts attacks that can impacts over 170 thousand firewalls.
- https://psirt.global.sonicwall.com: CVE-2022-22274
- https://psirt.global.sonicwall.com: CVE-2023-0656
- https://forums.ivanti.com: CVE-2023-46805 Authentication Bypass and CVE-2024-21887 Command Injection for Ivanti Connect Secure and Ivanti Policy Secure Gateways
- https://forums.ivanti.com: Pulse Connect Secure (PCS) Integrity Assurance
- https://www.mandiant.com: Suspected APT targets Ivanti zeroday
Be sure to subscribe!
If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
You will find a list of all previous episodes in there too.
181 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.