CyberCureME - Cyber Security Marketplace’s Post

Today, fixes have been released for the following Ivanti solutions: Ivanti Endpoint Manager Mobile (EPMM), Ivanti Cloud Service Appliance (CSA), Ivanti Velocity License Server, Ivanti Connect Secure and Policy Secure, and Ivanti Avalanche. We are aware of a limited number of customers running CSA 4.6 patch 518 and prior who have been exploited when CVE-2024-9379, CVE-2024-9380 or CVE-2024-9381 are chained with CVE-2024-8963. We have no evidence of any other vulnerabilities being exploited in the wild.

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks: Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0. "Path Traversal in the Ivanti CSA before 4.6 Patch

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw: Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score of 9.4), actively exploited in attacks in the wild against a limited number of customers. […]

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability. Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution," Ivanti noted in an advisory released earlier this week. "The attacker must have admin level privileges to exploit this vulnerability." https://lnkd.in/ek9RrPZ8

Three critical vulnerabilities have been discovered in Ivanti's cloud service appliance. Ivanti has patched the appliance and is requiring customers, in addition to updating it to the latest version, to check for any account creation or modification on the appliance. #Ivanti #InfoSec #SecurityOperation #CyberDefense

Do you know what Runtime Security is and how it works? It helps to protect applications and workloads while they are running, ensuring a secure environment. #5GCore #5GCoreSecurity #CloudRuntimeSecurity

⚡Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks.. Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0. "Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality," the company said in a Thursday bulletin. It also noted that the flaw could be chained with CVE-2024-8190 (CVSS score: 7.2), permitting an attacker to bypass admin authentication and execute arbitrary commands on the appliance. https://lnkd.in/gUy5VaFQ

Ivanti Patches Critical Vulnerabilities in Endpoint Manager: Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control. The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek.

Cloud Security Alliance Releases Top Threats to Cloud Computing 2024 Report. 1- Misconfiguration and inadequate change controI (#3) 2- Identity and Access Management (IAM) (#1) 3- Insecure interfaces and APIs (#2) 4- Inadequate selection/Implementation of cloud security strategy (#4) 5- Insecure third-party resources (#6) 6-Insecure software development (#5) 7-Accidental cloud data disclosure (#8) 8-System vulnerabilities (#7) 9-Limited cloud visibility/Observability 10 Unauthenticated resource sharing Advanced persistent threats (#10) https://lnkd.in/gMyJb5R5 #cloudsecurity

Excited to share the latest blog published by ⛅️ Jorge Liauw Calo and Lars Prosec at Xebia, focusing on securing Compute Engine by blocking project-wide SSH keys! 🔐 It covers best practices, discuss the risks of project-wide SSH keys, share tips for enhancing your security, and provide steps to block/mitigate these keys. Don't miss out! 🙌 #Cybersecurity #ComputeEngine #SSHKeys #GoogleCloud #cloudsecurity