Bleeping Computer

Ivanti Workspace Control hardcoded key flaws expose SQL credentials

Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. IWC helps enterprise admins manage desktops and ...
CSO Online

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...
CSOonline

An onslaught of security flaws pushes Ivanti into security re-design

A day after patching a batch of high-severity vulnerabilities impacting its critical services, Ivanti has made public its plans to revamp security and vulnerability management controls. In an open ...
SDxCentral

Ivanti Releases Security Updates for Multiple Products

Ivanti released security updates to address vulnerabilities in Ivanti Avalanche, Ivanti Application Control Engine, and Ivanti EPM. Cybersecurity and Infrastructure Security Agency (CISA) encourages ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
Dark Reading

CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security; MITRE's Ivanti Issue

Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we'll offer articles gleaned from across our ...