On Wednesday, January 10, 2024, Ivanti disclosed two zero-day vulnerabilities affecting their Ivanti Connect Secure and Ivanti Policy Secure gateways. Learn about the avisory and get mitigation guidance.
With increasingly complicated network infrastructure and organizations needing to deploy applications across various environments, cloud containers are necessary for companies to stay agile and innovative.Read the Full Story
The pending update to the Common Common Vulnerability Scoring System (CVSS), version 4.0, has garnered a noticeable volume of articles, blog posts and watercooler (now known as Slack and Zoom) air time. Reaction from the community has been positive. Learn more.Read the Full Story
A new report released today by Rapid7 principal researcher, Deral Heiland points out, even when organizations are able to take steps to mitigate concerns at the grave portion of the life cycle, they don’t.Read the Full Story
While investigating CVE-2023-35078, a critical API access vulnerability in Ivanti Endpoint Manager Mobile and MobileIron Core that was exploited in the wild, Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API.Read the Full Story