shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

268
active users

#connectsecure

0 posts0 participants0 posts today
Not Simon<p><strong>Ivanti</strong> has a frequently asked questions (FAQ) blog post from 14 February 2024 addressing questions about their Ivanti Connect Secure, Policy Secure and ZTA gateway products. Important to note that <em>"As of 14 February, Ivanti has a build available for all supported versions."</em> It also responds to Eclypsium's claim of old open source code. They also dispute reporting that CVE-2024-22024 (8.3. high, disclosed 12 February by Ivanti) was being exploited after disclosure. "It is unfortunate that media reports continue to cover statements and unverified numbers from third parties that are incorrect or inflated." Ivanti officially responds to the accusations that they didn't credit watchTowr for reporting CVE-2024-22024. This reads like damage control for Ivanti's Public Relations. <br>🔗 <a href="https://www.ivanti.com/blog/key-faqs-related-to-ivanti-connect-secure-policy-secure-and-zta-gateway-vulnerabilities" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ivanti.com/blog/key-faqs-relat</span><span class="invisible">ed-to-ivanti-connect-secure-policy-secure-and-zta-gateway-vulnerabilities</span></a></p><p><a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://infosec.exchange/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zeroday</span></a> <a href="https://infosec.exchange/tags/eitw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eitw</span></a> <a href="https://infosec.exchange/tags/activeexploitation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploitation</span></a> <a href="https://infosec.exchange/tags/UTA0178" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UTA0178</span></a> <a href="https://infosec.exchange/tags/UNC5221" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC5221</span></a> <a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2023_46805</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21887</span></a> <a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://infosec.exchange/tags/KnownExploitedVulnerabilitiesCatalog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KnownExploitedVulnerabilitiesCatalog</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21888" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21888</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21893" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21893</span></a> <a href="https://infosec.exchange/tags/CVE_2024_22024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_22024</span></a></p>
Not Simon<p>Ivanti updated their security advisory today 08 February 2024 with the following information:</p><ul><li> A patch is available for Ivanti Connect Secure (versions 9.1R14.5, 9.1R17.3, 9.1R18.4, 22.4R2.3, 22.5R1.2, 22.5R2.3 and 22.6R2.2), Ivanti Policy Secure (versions 9.1R17.3, 9.1R18.4 and 22.5R1.2) and ZTA gateways (versions 22.5R1.6, 22.6R1.5 and 22.6R1.7).</li><li>As part of our ongoing investigation, we have discovered a new vulnerability. We are reporting this vulnerability as CVE-2024-22024 which allows an attacker to access certain restricted resources without authentication. We have a patch available now for the affected versions and additional versions which fix all previously disclosed vulnerabilities.This vulnerability only affects a limited number of supported versions – Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3.We have no evidence of any customers being exploited by CVE-2024-22024.We are reporting these vulnerabilities in this knowledge base article as it is resolved in the patch detailed below. For supported versions where a patch has not been released, the mitigation provided on 31 January is effective at blocking this vulnerable endpoint and the patch and mitigation are available now via the standard download portal.</li></ul><p>🔗 <a href="https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forums.ivanti.com/s/article/KB</span><span class="invisible">-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US</span></a></p><p><a href="https://infosec.exchange/tags/CVE_2024_22024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_22024</span></a> <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://infosec.exchange/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a></p>
Matt Willemsen<p>All federal civilian agencies ordered to disconnect at-risk Ivanti products by Friday<br><a href="https://therecord.media/federal-civilian-agencies-ordered-to-disconnect-at-risk-ivanti-products-cisa" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/federal-civili</span><span class="invisible">an-agencies-ordered-to-disconnect-at-risk-ivanti-products-cisa</span></a> <a href="https://mastodon.social/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://mastodon.social/tags/risk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>risk</span></a> <a href="https://mastodon.social/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://mastodon.social/tags/PolicySecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PolicySecure</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a> <a href="https://mastodon.social/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a></p>
IT News<p>Agencies using vulnerable Ivanti products have until Saturday to disconnect them - Enlarge (credit: Getty Images) </p><p>Federal civilian agencies have ... - <a href="https://arstechnica.com/?p=2000723" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2000723</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/connectsecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>connectsecure</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/zerodays" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerodays</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>biz</span></a>⁢ <a href="https://schleuss.online/tags/ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ivanti</span></a> <a href="https://schleuss.online/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a></p>
Not Simon<p><strong>Ivanti</strong> updated their knowledge base article with an available patch: </p><blockquote><p>Update 1 February: A patch addressing all known vulnerabilities is now available for Ivanti Connect Secure version 22.5R2.2 and Ivanti Policy Secure 22.5R1.1. </p></blockquote><p><a href="https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forums.ivanti.com/s/article/KB</span><span class="invisible">-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US</span></a></p><p><a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://infosec.exchange/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zeroday</span></a> <a href="https://infosec.exchange/tags/eitw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eitw</span></a> <a href="https://infosec.exchange/tags/activeexploitation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploitation</span></a> <a href="https://infosec.exchange/tags/UTA0178" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UTA0178</span></a> <a href="https://infosec.exchange/tags/UNC5221" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC5221</span></a> <a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2023_46805</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21887</span></a> <a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://infosec.exchange/tags/KnownExploitedVulnerabilitiesCatalog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KnownExploitedVulnerabilitiesCatalog</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21888" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21888</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21893" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21893</span></a></p>
Not Simon<p>Ivanti identified <strong>two new vulnerabilities (one actively exploited)</strong> in connection to the Ivanti Connect Secure zero-days from 10 January 2024. They are:</p><ul><li>CVE-2024-21888 (8.8 high) privilege escalation in web component "We have no evidence of customers being impacted by CVE-2024-21888 at this time"</li><li>CVE-2024-21893 (8.2 high, exploited in the wild) sever side request forgery (SSRF) in the SAML component "At the time of publication, the exploitation of CVE-2024-21893 appears to be targeted"</li></ul><p><strong>A patch is now available for Ivanti Connect Secure (versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1) and ZTA version 22.6R1.3.</strong><br>🔗 <a href="https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forums.ivanti.com/s/article/KB</span><span class="invisible">-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US</span></a><br>blog post: <a href="https://www.ivanti.com/blog/security-update-for-ivanti-connect-secure-and-ivanti-policy-secure-gateways" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ivanti.com/blog/security-updat</span><span class="invisible">e-for-ivanti-connect-secure-and-ivanti-policy-secure-gateways</span></a><br>security advisory: <a href="https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forums.ivanti.com/s/article/CV</span><span class="invisible">E-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US</span></a></p><p><a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://infosec.exchange/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zeroday</span></a> <a href="https://infosec.exchange/tags/eitw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eitw</span></a> <a href="https://infosec.exchange/tags/activeexploitation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploitation</span></a> <a href="https://infosec.exchange/tags/UTA0178" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UTA0178</span></a> <a href="https://infosec.exchange/tags/UNC5221" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC5221</span></a> <a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2023_46805</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21887</span></a> <a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://infosec.exchange/tags/KnownExploitedVulnerabilitiesCatalog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KnownExploitedVulnerabilitiesCatalog</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21888" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21888</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21893" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21893</span></a></p>
Not Simon<p>Just your periodic update from <strong>Ivanti</strong> regarding their CVE-2023-46805 (8.2 high) and CVE-2024-21887 (9.1 critical) zero-days (both disclosed 10 January 2024 as exploited in the wild, has Proofs of Concept, mass exploitation):</p><p>"<strong>Update 26 January:</strong> The targeted release of patches for supported versions is delayed, this delay impacts all subsequent planned patch releases. We are now targeting next week to release a patch for Ivanti Connect Secure (versions 9.1R17x, 9.1R18x, 22.4R2x and 22.5R1.1), Ivanti Policy Secure (versions 9.1R17x, 9.1R18x and 22.5R1x) and ZTA version 22.6R1x.<br>Patches for supported versions will still be released on a staggered schedule. Instructions on how to upgrade to a supported version will also be provided.<br><strong>The timing of patch release is subject to change as we prioritize the security and quality of each release.</strong> Please ensure you are following this article to receive updates as they become available."<br>🔗 <a href="https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forums.ivanti.com/s/article/KB</span><span class="invisible">-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US</span></a></p><p><a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> <a href="https://infosec.exchange/tags/ConnectSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConnectSecure</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zeroday</span></a> <a href="https://infosec.exchange/tags/eitw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eitw</span></a> <a href="https://infosec.exchange/tags/activeexploitation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploitation</span></a> <a href="https://infosec.exchange/tags/UTA0178" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UTA0178</span></a> <a href="https://infosec.exchange/tags/UNC5221" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC5221</span></a> <a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2023_46805</span></a> <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21887</span></a> <a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://infosec.exchange/tags/KnownExploitedVulnerabilitiesCatalog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KnownExploitedVulnerabilitiesCatalog</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>