155 - iVanti's widespread exploitation

YusufOnSecurity.com

English - January 20, 2024 17:00 - 42 minutes - 29.5 MB
Technology cyber security security threats vulnerability exploits malware virus trojan horse worm cve Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: 154 - Exfil or DLP - Part 2

Next Episode: 156 - The risks of exposing Web UI

We love to hear from you!

When things go wrong, they go wrong fast. This week will dive into the widespread exploitation on iVanti VPN solution that attracted a lot of attention from both the security community as well as from the bad guys. What went wrong? Stay tuned.
Just before we get into iVanti, lets review the other top security news this week.

Millions of passwords of top brands such as facebook and others were found for sale.SonicWall API attracts attacks that can impacts over 170 thousand firewalls.

- https://psirt.global.sonicwall.com: CVE-2022-22274
- https://psirt.global.sonicwall.com: CVE-2023-0656
- https://forums.ivanti.com: CVE-2023-46805 Authentication Bypass and CVE-2024-21887 Command Injection for Ivanti Connect Secure and Ivanti Policy Secure Gateways
- https://forums.ivanti.com: Pulse Connect Secure (PCS) Integrity Assurance
- https://www.mandiant.com: Suspected APT targets Ivanti zeroday

Be sure to subscribe!
If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
You will find a list of all previous episodes in there too.