FlagThis

CyberSecurity updates
Updated: 2024-11-21 11:32:27 Pacfic
ciso2ciso.com
Critical Vulnerability in Ivanti Cloud Service Appliance Actively Exploited - 5d
Read more: ciso2ciso.com

A critical vulnerability in Ivanti’s Cloud Service Appliance (CSA) has been actively exploited by attackers. The flaw, tracked as CVE-2024-8190, allows attackers to gain unauthorized access to sensitive data and execute arbitrary commands on vulnerable systems. The vulnerability exists in the CSA’s authentication mechanism and can be exploited by attackers who can send specially crafted requests to the CSA. This attack vector allows attackers to bypass the CSA’s security measures and gain access to the underlying operating system. The vulnerability has been exploited in the wild by a suspected nation-state adversary. There are strong indications that China is behind the attacks. Organizations using Ivanti CSA should prioritize patching the vulnerability immediately to reduce their risk of being compromised.

References:
  • malware.news - GoldenJackal Targets Embassies, Steals Data from Air-Gapped Systems - 12d
  • securityboulevard.com - GoldenJackal Targets Embassies, Steals Data from Air-Gapped Systems - 12d
  • www.scworld.com - GoldenJackal threat group targets air-gapped government systems - 12d
  • malware.news - Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. - 12d
  • malware.news - This article discusses the vulnerabilities patched in Microsoft's October 2024 Patch Tuesday, including the two actively exploited zero-days. - 11d
  • www.mozilla.org - Critical #Firefox #vulnerability (#CVE-2024-9680) actively exploited. Update to Firefox 131.0.2, ESR 115.16.1, or ESR 128.3.1 - 11d
  • cyberinsider.com - Mozilla announced a critical vulnerability affecting its Firefox and Firefox ESR (Extended Support Release) browsers, which is being actively exploited in the wild. - 11d
  • sra.io - Critical #Firefox #vulnerability (#CVE-2024-9680) actively exploited. Update to Firefox 131.0.2, ESR 115.16.1, or ESR 128.3.1 - 11d
  • Security Risk Advisors - Critical #Firefox #vulnerability (#CVE-2024-9680) actively exploited. Update to Firefox 131.0.2, ESR 115.16.1, or ESR 128.3.1 - 11d
  • www.cisa.gov - CISA Adds Three Known Exploited Vulnerabilities to Catalog - 11d
  • Malware Analysis, News and Indicators - Malware.news post about the October Patch Tuesday and five zero-day vulnerabilities fixed - 10d
  • Cyble - Cyble provides detailed information about the vulnerabilities in Ivanti products, including CVE-2024-7612, CVE-2024-9379, CVE-2024-9380, and more. - 9d
  • www.ivanti.com - Ivanti's official blog post addresses vulnerabilities affecting Ivanti Cloud Service Application (CSA) and other products, emphasizing the importance of updating to the latest versions. - 9d
  • ciso2ciso.com - This article mentions the active exploitation of vulnerabilities in Ivanti CSA. - 8d
  • Vulnerability Archives - This news article provides details about the sophisticated cyberattack targeting the Ivanti CSA. - 8d
  • @jos1264 - Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited – Source:thehackernews.com - 7d
  • www.fortinet.com - Fortinet's blog post about the vulnerabilities, including details on the attack chain, exploited vulnerabilities, and impact. - 5d
  • All CISA Advisories - CISA adds the vulnerability to its catalog - 5d
  • Security Archives - SecurityAffairs article about the vulnerability - 5d
  • www.scworld.com - Ivanti CSA bugs leveraged in suspected nation-state attack - 5d
  • Malware Analysis, News and Indicators - Malware.news report on Ivanti CSA bugs leveraged in a suspected nation-state attack - 5d
  • @jos1264 - SecurityWeek.com's news on Chinese state hackers suspected in Ivanti CSA zero-day attacks - 5d

Classification:
  • HashTags: Ivanti CSA CVE-2024-8190 ZeroDay
  • Company: Ivanti
  • Target: Ivanti Cloud Service Appliance
  • Attacker: China
  • Product: Cloud Service Appliance
  • Feature: Authentication Mechanism
  • Type: Vulnerability
  • Severity: Major

This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.