VPNs European companies abused: suspected Chinese hackers
Hackers exploit critical vulnerabilities worldwide to gain control of Ivanti VPN appliances. Compromised VPNs are in Germany, the United Kingdom, Italy, and the Netherlands.
That's according to new figures from security company Censys. On Jan. 10, Ivanti announced that its product had vulnerabil... Read more
Ivanti EPMM vulnerability actively exploited
A known vulnerability in Ivanti Endpoint Manager Mobile is currently being actively exploited. Device management solution MobileIronCore is also vulnerable.
The U.S. security regulator CISA warns of this. The vulnerability is hits many Internet-connected devices. For example, data from Shodan sh... Read more
Critical vulnerability in EPM software Ivanti lets hackers take over core server
Ivanti's Endpoint Management (EPM) software contains a critical vulnerability that allows hackers to hijack even the core server. This is not the first time Ivanti has been hit by a vulnerability in its software during the period of one year.
Ivanti continues to find vulnerabilities in its softw... Read more
Ivanti fixes 14 critical vulnerabilities in Avalanche MDM solution
Ivanti recently patched as many as fourteen critical security vulnerabilities in its enterprise MDM solution Avalanche. These vulnerabilities allowed hackers to easily execute code remotely without the need for end-user interaction.
Ivanti discovered as many as 20 security vulnerabilities in its... Read more
Ivanti continues to patch vulnerabilities, this time for Sentry
Ivanti has patched a vulnerability in its software for the third time within a month. This time it involves an authentication bypass in Ivanti Sentry, formerly known as MobileIron Sentry.
Ivanti Sentry is a gateway that manages and encrypts traffic between companies' mobile devices and underlyin... Read more
Zeroday in Ivanti software exposes mainly Western countries
Servers containing Ivanti's Endpoint Manager Mobile (EPMM) solution and therefore two vulnerabilities are mainly in possession of Western companies and governments. Patches are available, but cybersecurity specialists fear hackers already breached most networks. The story started when Norway discov... Read more
Hackers have been exploiting zero-day in Ivanti software since April
The vulnerability in Ivanti software has been exploited since at least April. That is what cyber security services from Norway and the US know.
CISA from the U.S. and the Norwegian National Cyber Security Centre (NCSC-NO) are jointly releasing an advisory report, looking deeper into the zero-da... Read more
Ivanti patches another zero-day that grazed the Norwegian government
Ivanti has once again patched a zero-day vulnerability in its Endpoint Manager Mobile (EPMM) software. At issue is CVE-2023-35078, which allows malicious actors to place, modify or delete files on an Ivanti EPMM server.
Security party Mnemonic contributed to the discovery of the vulnerability. "... Read more
Ivanti patches zero-day that affected Norwegian government
Ivanti has released a patch for the CVE-2023-35078 vulnerability in its Endpoint Manager Mobile (EPMM) software.
Labeled as highly critical, the vulnerability in Ivanti's EPMM solution, also known by its former name MobileIron Core, allows hackers to access personal information on affected devic... Read more
Norwegian ministries hacked through vulnerability in Ivanti software
Twelve ministries in Norway have been hacked due to a vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) solution.
According to Norwegian authorities, CVE-2023-35078 of Ivanti EPMM allowed hackers to penetrate a software platform used by 12 Norwegian ministries.
In its response to the ... Read more