Ivanti makes dedicated fans of Chinese spies who just can't resist attacking its buggy kit
If it ain't broke?
Datacenter Networking Nexus23 May 2025 | 1
Ivanti
'Ongoing' Ivanti hijack bug exploitation reaches clouds
Nothing like insecure code in security suites
CSO21 May 2025 | 4
Ivanti patches two zero-days under active attack as intel agency warns customers
Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product
Patches14 May 2025 | 1
More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans
GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures
Security25 Apr 2025 | 8
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
Simple denial-of-service blunder turned out to be remote unauth code exec disaster
Cyber-crime03 Apr 2025 | 3
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
PoC exploit code shows why this is a patch priority
Patches21 Feb 2025 |
Nominet probes network intrusion linked to Ivanti zero-day exploit
Unauthorized activity detected, but no backdoors found
Security13 Jan 2025 | 6
Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Factory resets and apply patches is the advice amid fortnight delay for other appliances
Patches09 Jan 2025 | 2
Three more vulns spotted in Ivanti CSA, all critical, one 10/10
Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker
Patches11 Dec 2024 | 2
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Usual three-week window to address significant risks to federal agencies applies
Cybersecurity Month10 Oct 2024 |
Ivanti patches exploited admin command execution flaw
Fears over chained attacks affecting EOL product
Patches20 Sep 2024 | 8
CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities
Crafty crims broke in but encryption stopped any nastiness
Cyber-crime25 Jun 2024 | 3
Ivanti commits to secure-by-design overhaul after vulnerability nightmare
CEO addresses whirlwind start to 2024 and how it plans to prevent a repeat
Security04 Apr 2024 | 19
Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holes
Plus: CISA pulls plug on couple of systems feared compromised
Cyber-crime08 Mar 2024 | 2
LockBit's contested claim of fresh ransom payment suggests it's been well hobbled
Infosec in brief ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns
Security04 Mar 2024 | 1
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it
Software company's claim of there being no active exploits also being questioned
Security09 Feb 2024 | 5
Ivanti devices hit by wave of exploits for latest security hole
At this point you might be better off just shutting the stuff down
Security05 Feb 2024 | 5
Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns
Many versions still without fixes while sophisticated attackers bypass mitigations
Patches31 Jan 2024 | 8
Ivanti and Juniper Networks accused of bending the rules with CVE assignments
Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE
Patches22 Jan 2024 | 7
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops
Cyber-crime20 Jan 2024 | 9
Ivanti zero-day exploits explode as bevy of attackers get in on the act
Customers still patchless and mitigation only goes so far
Cyber-crime16 Jan 2024 | 6
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in
Snoops had no fewer than five custom bits of malware to hand to backdoor networks
CSO13 Jan 2024 | 4
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits
Customers currently left patchless while attacks are expected to increase
Cyber-crime11 Jan 2024 | 6
Ivanti Sentry exploited in the wild, patches emitted
Good thing you're not exposing admin port 8443 to the world, right? Uh, right?
Patches22 Aug 2023 | 7
Ivanti plugs critical bug – but not before it was used against Norwegian government
Uncle Sam warns sysadmins to get patching as soon as possible
Patches26 Jul 2023 | 5
Biting the hand that feeds IT
