Tag: security
US government tells federal agencies they have 48 hours to repair Ivanti VPN tech following breaches
US Government agencies using Ivanti Connect Secure and Ivanti Policy Secure have been told to disconnect these solutions immediately and not turn them back on until they’re absolutely certain they’ve been properly patched, and their networks disinfected from possible hacker incursions. This stark warning was issued by the Cybersecurity and…
Read More
Don’t believe everything you read – hackers are pushing malware via media, news sites
Hackers with an apparently novel sense of creativity have been found hiding malicious code on legitimate platforms such as video and news sites, security researchers are warning. Cybersecurity researchers from Mandiant have published a new report detailing the campaigns. As per the writeup, a threat actor labeled as UNC4990 was…
Read More
Another high severity security flaw has hit iOS and macOS devices – so update now
A high-severity flaw found in different Mac devices has been observed being abused in the wild, with users advised to apply the patch, which has been available for some time now, as soon as possible. The warning was shared by the U.S. Cybersecurity and Infrastructure Agency (CISA) as it added…
Read More
Startup claims to offer holy grail of remote connectivity — hybrid access that outperform VPN, SD-WAN and ZTNA solutions by 30x or more
A new start-up has came forward with quite a bold claim – its remote connectivity offering outperforms VPNs, SD-WAN, and ZTNA solutions, by at least 30 times. While it’s not something we could independently verify at this time, if the claim has any truth to it, it would be the…
Read More
VPN users beware — security flaws are being exploited to spread dangerous malware
Users of Ivanti’s Connect Secure (ICS) virtual private network (VPN) devices beware – the solutions carry two high severity vulnerabilities that are being chained together to deliver the Silver malware. First things first – the two vulnerabilities being abused here are tracked as CVE-2023-46805, and CVE-2024-21887. The former carries a…
Read More
If you’re using this router brand, you may want to disconnect now — security researchers found more vulnerabilities and a hardcoded password in Totolink hardware
You might not give a second thought to the brand of your router, but that may all change after security experts have warned they are not all created equal. And one brand in particular – Totolink – seems to have been plagued with a worrying amount of vulnerabilities found in…
Read More