9to5Mac

Apple @ Work: Ivanti patches a critical bug in Ivanti Endpoint Manager that would allow for device takeover

Apple @ Work is brought to you by Kolide, the device trust solution that ensures that if a device isn’t secure, it can’t access your cloud apps. If you have Okta, Kolide can help you get your fleet to ...
Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
CRN

CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...
CSOonline

Ivanti patches critical EPM flaw that could allow hackers to hijack managed devices

No real-world exploits of the vulnerability are known, but attackers have taken advantage of device management solutions in the past. A vulnerability patched in the Ivanti Endpoint Manager (EPM), an ...
CRN

US Agencies Must Disconnect Ivanti VPN Devices Amid ‘Substantial Threat’: CISA

The cybersecurity agency has ordered the VPN disconnection by a Saturday deadline, as attackers exploit multiple vulnerabilities in Ivanti Connect Secure devices. U.S. agencies must disconnect Ivanti ...
Bleeping Computer

Ivanti releases patches for 13 critical Avalanche RCE flaws

Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM) solution. Avalanche allows admins to manage over ...