US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked

New findings from the cryptocurrency tracing firm Chainalysis show how stablecoins that are tied to the value of the US dollar were instrumental in cryptocurrency-based scams and sanctions evasion last year.
The US Federal Trade Commission reached a settlement earlier this month with the data broker X-Mode over its sale of location data gathered from phone apps to the US government and other clients.
While the action was hailed by some as a historic privacy win, it also illustrates the limitations of the FTC and the US government's data privacy enforcement power and the ways in which many companies can avoid scrutiny and consequences for failing to protect consumers' data.
The US internet provider Comcast Xfinity may gather data about customers' personal lives for personalized ads, including information about their political beliefs, race, and sexual orientation.
If you're a customer, we've got advice for opting out-to the extent that's possible.
On Friday, the US Cybersecurity and Infrastructure Security Agency issued an emergency directive requiring federal agencies to patch two vulnerabilities that are being actively exploited in the popular VPN appliances Ivanti Connect Secure and Policy Secure.
Analysis indicates that multiple actors have been hunting for and exploiting vulnerable Ivanti devices to gain access to organizations' networks around the world.
Researchers from the security firm Volexity say that at least 1,700 Connect Secure devices have been compromised overall.
Ivanti Connect Secure is a rebrand of the Ivanti product series known as Pulse Secure.
Microsoft said on Friday that it detected a system intrusion on January 12 that it is attributing to the Russian state-backed actor known as Midnight Blizzard or APT 29 Cozy Bear.
Gift card scams in which attackers trick victims into purchasing gift cards for them are a long-standing issue, but new reporting from ProPublica shows how Walmart has been particularly remiss in addressing the problem.
For a decade, the retailer has skirted pressure from both regulators and law enforcement to more closely scrutinize gift card sales and money transfers and expand employee training that could save customers from being tricked and exploited by bad actors.
Walmart defended its efforts, claiming that it has stopped more than $700 million in suspicious money transfers and refunded $4 million to victims of gift card fraud.
As rebel groups in Myanmar violently oppose the country's military government, the human trafficking and abuse fueling pig butchering scams is exacerbating the conflict.
The scams have exploded in recent years, carried out not just by bad actors, but by a workforce of forced laborers who have often been kidnapped and are being held against their will.
The UN estimates that there may be as many as 100,000 people held in scam centers in Cambodia and 120,000 in Myanmar.
In a new investigation, Consumer Reports and The Markup crowdsourced three years of archived Facebook data from 709 users of the social network to assess which data brokers and other organizations are tracking and monitoring them.
In analyzing the data, reporters found that a total of 186,892 companies sent data about the 709 individuals to Facebook.
On average, each of those users had information sent to Facebook about them by 2,230 companies.
Some users had less than the average while others had more than 7,000 companies tracking them and providing information to the social network.


This Cyber News was published on www.wired.com. Publication date: Sat, 20 Jan 2024 14:43:05 +0000


Cyber News related to US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked

Threat Brief: Ivanti Vulnerabilities CVE-2023-46805 and CVE-2024-21887 - On Jan. 10, 2024, Ivanti disclosed two new vulnerabilities in their Ivanti Connect Secure and Ivanti Policy Secure gateways: CVE-2023-46805 and CVE-2024-21887. The first CVE is a High severity authentication bypass vulnerability, and the second CVE ...
11 months ago Unit42.paloaltonetworks.com
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
6 months ago Securityaffairs.com
Ivanti discloses new zero-day flaw, releases delayed patches - Ivanti Wednesday released patches for two critical zero-day vulnerabilities that were disclosed earlier this month, but also warned customers of two new flaws, including a new zero-day that's under exploitation in the wild. In a security advisory on ...
10 months ago Techtarget.com
Ivanti urges customers to patch yet another critical vulnerability - This vulnerability only affects a limited number of supported versions-Ivanti Connect Secure, Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read between the lines that there could be unsupported versions which will never see ...
10 months ago Malwarebytes.com
Ivanti discloses fifth vulnerability The Register - In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of ...
10 months ago Go.theregister.com
Ivanti: Patch new Connect Secure auth bypass bug immediately - Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately. The flaw is due to an XXE weakness in the gateways' SAML component that ...
10 months ago Bleepingcomputer.com
5 Best VPNs for Travel in 2024 - VPNs are software that encrypt your online activity and adjust your IP address, protecting sensitive company data and allowing you to access geo-restricted content at the same time. In this article, we take a look at the five best VPNs for travelers. ...
9 months ago Techrepublic.com
CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
9 months ago Techtarget.com
Ivanti confirms 2 zero-day vulnerabilities are under attack - CISA urged enterprises to address two Ivanti zero-day vulnerabilities that remain unpatched amid reports of active exploitation by a Chinese nation-state threat actor. Ivanti published a security advisory Wednesday for an authentication bypass ...
11 months ago Techtarget.com
Ivanti: VPN appliances vulnerable if pushing configs after mitigation - Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. While the company didn't provide additional ...
11 months ago Bleepingcomputer.com
Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
1 year ago Securityboulevard.com
Two Ivanti Zero-Days Actively Exploited in the Wild - Ivanti customers have been urged to follow the security vendor's suggested workaround after it confirmed that two zero-day vulnerabilities in its Connect Secure and Policy Secure gateways are being actively exploited. Connect Secure is a VPN product ...
11 months ago Infosecurity-magazine.com
US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked - New findings from the cryptocurrency tracing firm Chainalysis show how stablecoins that are tied to the value of the US dollar were instrumental in cryptocurrency-based scams and sanctions evasion last year. The US Federal Trade Commission reached a ...
11 months ago Wired.com
CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products - In an unprecedented move, the US government's cybersecurity agency CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. Within 48 hours, the agency said federal ...
10 months ago Securityweek.com
China-backed attackers blamed for Ivanti zero-day exploits The Register - Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti. If you're an admin or a user of the two products affected, VPN service Ivanti Connect Secure and network ...
11 months ago Go.theregister.com
Understanding the Complexities of VPNs: Balancing Privacy and Security in the Digital Age - A U.S. traveler in Europe might face restrictions accessing certain paid streaming services available in the U.S., which can be circumvented by a VPN masking the local European IP address, thus granting access to U.S.-based content. While VPNs appear ...
7 months ago Cysecurity.news
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
5 months ago Securityaffairs.com
How Cloud Solutions Can Lead to Stronger, More Secure IT Operations - Cloud services, which offer tools such as networks, servers, and data storage, can help federal agencies deliver better IT services while minimizing costs. Without adequate security measures, these services can expose agencies to cyberattacks. The ...
9 months ago Cyberdefensemagazine.com
More mass exploits hit the same buggy Ivanti devices The Register - All manner of miscreants are piling onto the latest Ivanti flaw, a server-side request forgery vulnerability tracked as CVE-2024-21893, according to threat hunters tracking the string of CVEs that have been plaguing the software shop's gateways over ...
10 months ago Go.theregister.com
Ivanti Connect Secure zero-days now under mass exploitation - Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. As discovered by threat intelligence company Volexity, which also first spotted the zero-days ...
11 months ago Bleepingcomputer.com
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
7 months ago Cybersecurity-insiders.com
Unveiling Free VPN Risks: Protecting Online Privacy and Security - If you're seeking enhanced security and privacy for your online activities, you might be considering the use of a Virtual Private Network. Virtual Private Networks are specifically crafted to accomplish this task. A quality VPN channels your web ...
11 months ago Cysecurity.news
Ivanti US Faces Security Crisis, Threatening Worldwide Systems - In a recent development, a critical server-side request forgery vulnerability has been discovered in Ivanti Connect Secure and Ivanti Policy Secure servers, marked as CVE-2024-21893. Security experts have confirmed that this vulnerability is being ...
10 months ago Cysecurity.news
CISA: Critical Ivanti auth bypass bug now actively exploited - CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile and MobileIron Core device management software is now under active exploitation. Tracked as CVE-2023-35082, the flaw is a remote unauthenticated API ...
11 months ago Bleepingcomputer.com
VPN for Your Phone: Key to Global Email Security While Traveling - You'll need to enter the details of your VPN connection, including the VPN name, type, server address, and any required authentication credentials. One essential way to use a VPN is to protect your email communications. A VPN can be side-loaded for ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)