Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways
On Wednesday, January 10, 2024, Ivanti disclosed two zero-day vulnerabilities affecting their Ivanti Connect Secure and Ivanti Policy Secure gateways. Learn about the avisory and get mitigation guidance.
Why Your AWS Cloud Container Needs Client-Side Security
With increasingly complicated network infrastructure and organizations needing to deploy applications across various environments, cloud containers are necessary for companies to stay agile and innovative.
The pending update to the Common Common Vulnerability Scoring System (CVSS), version 4.0, has garnered a noticeable volume of articles, blog posts and watercooler (now known as Slack and Zoom) air time. Reaction from the community has been positive. Learn more.
Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market
A new report released today by Rapid7 principal researcher, Deral Heiland points out, even when organizations are able to take steps to mitigate concerns at the grave portion of the life cycle, they don’t.
CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability
While investigating CVE-2023-35078, a critical API access vulnerability in Ivanti Endpoint Manager Mobile and MobileIron Core that was exploited in the wild, Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API.