Ivanti's Battle Against Zero-Day Exploits: Updates, Mitigations, and Delays
CISA has issued an alert urging organizations to follow updated guidance and software updates from Ivanti to defend against vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways. The vulnerabilities, including privilege escalation and server-side request forgery, could be exploited by threat actors to take control of affected systems. CISA recommends continuous threat hunting, monitoring of authentication and account usage, and isolation of affected systems. Organizations are advised to apply patches when available and continue network hunting to detect any compromise that may have occurred before patches were implemented. This guidance supplements previous mitigation and detection advice from CISA.
- Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways (CISA)
- CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations (CRN)
- Cutting Edge, Part 2: Investigating Ivanti Connect Secure VPN Zero-Day Exploitation (Mandiant)
- Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount (DARKReading)
- Ivanti Struggling to Hit Zero-Day Patch Release Schedule (SecurityWeek)