Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button

CISA issues warning about another Ivanti flaw under active attack
October 4, 2024

CISA issues warning about another Ivanti flaw under active attack

MediaDownloaderSecurity
Reading Time: 2 minutes

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week.

The remote code execution flaw in Ivanti Endpoint Manager (EPM), a tool that helps organizations manage and secure their fleets of employee devices, was first disclosed by Trend Micro’s Zero Day Initiative in April and patched by Ivanti the following month. 

The bug allows an unauthenticated attacker to remotely run malicious code on an affected Ivanti customer’s server.

Now CISA says hackers are actively exploiting this vulnerability — tracked as CVE-2024-29824 — to hack into unpatched systems, according to its advisory on Wednesday, citing evidence of active exploitation. CISA’s advisory requires that all federal civilian agencies update vulnerable systems by October 23 to defend against exploitation.

‘These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,’ CISA said.

Ivanti, the U.S.-based IT software company with over 40,000 corporate customers — including much of the Fortune 100, confirmed in an update to its May security advisory this week that the vulnerability was actively used to target a ‘limited number’ of Ivanti customers.

The company is no stranger to hackers abusing vulnerabilities in its software. Earlier this year, it confirmed that hackers were mass-exploiting vulnerabilities in Connect Secure, Ivanti’s remote access VPN solution used by thousands of corporations and large organizations worldwide.

This disclosure came just weeks after Ivanti confirmed the exploitation of two earlier zero-day flaws in Connect Secure. Security researchers linked the attacks to China-backed hackers who had been using the vulnerabilities to break into customer networks and steal information.

Reference: https://techcrunch.com/2024/10/03/cisa-issues-warning-about-another-ivanti-flaw-under-active-attack/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

cisaCybersecurityivantivulnerability

Leave a Reply

Your email address will not be published. Required fields are marked *