Kimberly Horn’s Post

✍️Patching - 'Now' or invitation for the worst : '...According to recent industry research, 60% of breaches are linked to vulnerabilities that haven’t been patched, highlighting the dangers of delaying action. With attack vectors constantly evolving, delaying critical patches creates a perfect storm for threat actors to capitalize on weaknesses in your system. ...' - Extract #vulnerabilities #patch22 #patches #itsecurity #delays #attackvectors #skdscans

Check out this threat brief by my colleagues at Palo Alto Networks Unit 42 on the current Ivanti vulnerabilities for CVE-2023-46805 and CVE-2024-21887. #unit42 #threatbrief #ivanti

Threat Brief: Ivanti Vulnerabilities CVE-2023-46805 and CVE-2024-21887

These kinds of attacks are a major problem, and they're happening more often. When hackers exploit zero-day vulnerabilities like the ones in Ivanti’s CSA, it's a serious issue because nobody even knows the flaws exist until they’re already being used. What’s even worse here is that the attackers patched the vulnerabilities themselves after breaking in—so they can keep their access and fly under the radar. If a state-sponsored group is behind this, it’s even scarier. These kinds of attacks aren’t just about stealing data anymore; they could have much bigger goals, like destabilizing systems or preparing for something bigger down the road. We need to take threats like these seriously and move fast on defense, because when attackers patch systems to maintain control, they’re thinking long-term. This isn’t just a one-time hit—they’re setting up camp. It’s time to get real about how prepared we are and to think about stronger collaboration between companies and governments. Fixing vulnerabilities isn’t enough if we can’t keep up with the attackers who are always one step ahead.

In today's blog post, we outline 5 steps you can take to meet CISA’s Emergency Directive 24-01 and protect your agency against Ivanti vulnerabilities. https://axoni.us/3wraNMH

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products: CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw. The post CISA Warns of Exploited Vulnerabilities in EOL D-Link Products appeared first on SecurityWeek.

MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done - https://lnkd.in/e9RUJ2EY

In this blog, we explain how adversaries exploit the Ivanti CVE-2023-46805 and CVE-2024-21887 vulnerabilities. We then show how security teams can use Pentera to determine their organizations’ risk exposure resulting from these CVEs and what remediation or mitigation actions they need to take. Pentera TOM SHAW TOM SHAW

In today's blog post, we outline 5 steps you can take to meet CISA’s Emergency Directive 24-01 and protect your agency against Ivanti vulnerabilities. https://axoni.us/3wraNMH

Multiple common vulnerabilities and exposures (CVE) affecting Ivanti products are detailed in this recent Palo Alto Networks Unit 42 threat brief. The CVEs include: ➡ CVE-2023-46805 ➡ CVE-2024-21887 ➡ CVE-2024-21888 ➡ CVE-2024-21893 ➡ CVE-2023-46805 Attack surface management tools like Cortex Xpanse can often detect assets and systems that have these vulnerabilities. Give a listen to Unit 42 Threat Vector to learn strategies against these Ivanti vulnerabilities.