Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management ServerFortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch.

Bank Info Security 1 year, 9 months ago

Ivanti Confirms Exploitation of an Old Critical Vuln

Remote Code Execution Bug Exploited in Limited AttacksIvanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code.

Ivanti Faces Another SQL Injection Flaw in Popular Endpoint Manager ProductSecurity researchers have discovered another major vulnerability in Ivanti’s widely-used endpoint management system that can allow hackers to gain remote access for multiple devices at the same time, just months after the company patched a separate SQL injection flaw in the same product.

Bank Info Security 2 years, 1 month ago

Courtroom Recording Software Hit by Supply Chain Attack

Backdoored Installer Facilitates Full, Remote Takeover, Justice AV Solutions WarnsAttackers backdoored versions of widely used audiovisual recording software being distributed by Justice AV Solutions via its official download site. Experts say users should "immediately" update to patched versions, review their IT environments for signs of compromise and wipe affected endpoints.

Bank Info Security 2 years, 6 months ago

Ivanti Patches Critical Endpoint Security Vulnerability

SQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint ManagerIvanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers. The SQL injection vulnerability tracked as CVE-2023-39336 is in all supported versions of Ivanti Endpoint Manager.