Vulnerability Research Highlights 2024
Our Vulnerability Research team looks back at a great year and summarizes the highlights of 2024.
The post Vulnerability Research Highlights 2024 appeared first on Security Boulevard.
When a former employee retains access to sensitive systems months after leaving, it's more than a security oversight—it's a serious business risk. Learn the true costs of poor access management, from immediate impacts to long-term reputation damage, and discover practical steps to protect your business.
The post The Hidden Costs of Poor Access Management: Why Small Businesses Can’t Afford to Ignore It appeared first on Security Boulevard.
SafeBreach CEO and Co-founder Guy Bejerano reflects on the highlights and accomplishments of the team and surrounding community in 2024.
The post SafeBreach 2024 Year in Review: Reflections from Co-Founder & CEO Guy Bejerano appeared first on SafeBreach.
The post SafeBreach 2024 Year in Review: Reflections from Co-Founder & CEO Guy Bejerano appeared first on Security Boulevard.
Addressing configuration drift - a seemingly minor issue - is essential to maintaining a secure and resilient IT environment.
The post Security Implications of Configuration Drift appeared first on Security Boulevard.
The Biden-Harris Administration’s Bipartisan Infrastructure Law, also known as the Infrastructure Investment and Jobs Act (IIJA), allows organizations to receive government grant money for improved cybersecurity.
The post Leveraging Government Grants to Enhance Critical Security Systems appeared first on Security Boulevard.
Our nation’s critical infrastructure is increasingly brittle and under attack. Take the recent report that the drinking water of millions of Americans is at risk due to technical vulnerabilities.
The post Building Resilience Into Cyber-Physical Systems Has Never Been This Mission-Critical appeared first on Security Boulevard.
The use of container technologies for software development and release has proliferated over the past year, heightening the need for organizations to implement updated security controls and processes to mitigate risk.
The post Get real about container security: 4 essential practices to manage risk appeared first on Security Boulevard.
A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.
The post Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal appeared first on Security Boulevard.
The Indian cybersecurity ecosystem is experiencing significant growth, making it one of the fastest-growing and most important technology spaces globally. As cyber threats increase in scale and sophistication, it’s essential...
The post Top Cybersecurity Conferences & Events in India 2025 appeared first on Strobes Security.
The post Top Cybersecurity Conferences & Events in India 2025 appeared first on Security Boulevard.
DLP tools protect sensitive information from unauthorized access, sharing, or accidental loss. With the rise in data breaches and cyber threats, companies must safeguard their intellectual property, personally identifiable information (PII), and financial data. Are Data Loss Prevention Tools Required? While not every business is legally required to implement DLP tools, the growing prevalence of […]
The post Top 10 Data Loss Prevention (DLP) Tools for 2025 appeared first on Centraleyes.
The post Top 10 Data Loss Prevention (DLP) Tools for 2025 appeared first on Security Boulevard.
Why is Privileged Access Management Crucial for Risk Mitigation? Managing Non-Human Identities (NHIs) has become a central issue. The complex landscape of digital transformation is precipitating increased attention towards effective Privileged Access Management (PAM). But what exactly is PAM? How does it contribute to risk mitigation? Let’s dissect this crucial cybersecurity strategy. Understanding Privileged Access […]
The post Mitigating Risks with Privileged Access Management appeared first on Entro.
The post Mitigating Risks with Privileged Access Management appeared first on Security Boulevard.
Why is Secrets Scanning Critical for Cloud Security? Have you ever considered how secrets scanning could be the vital ingredient your organization needs to optimize cloud security? As technology advances at a relentless pace, so do the threats and vulnerabilities that pose significant risks to business operations. The challenge for cybersecurity professionals lies in equipping […]
The post Optimizing Cloud Security with Advanced Secrets Scanning appeared first on Entro.
The post Optimizing Cloud Security with Advanced Secrets Scanning appeared first on Security Boulevard.
From DNA to data, explore the unanswered questions of identity and the challenges of securing a non-human world.
The post What Makes You… You? A Philosophical Take on Non-Human Identity appeared first on Aembit.
The post What Makes You… You? A Philosophical Take on Non-Human Identity appeared first on Security Boulevard.
Author/Presenter: Dr. Muhsinah Morris
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization's YouTube channel.
The post DEF CON 32 – Student Engagement Doesn’t Have to Suck appeared first on Security Boulevard.
The data of more than 8,500 customers were exposed during an attack on the Green Bay Packers online retail website in which the hackers were able to bypass security measures, install malicious code, and steal customers' names, addresses, and credit card information.
The post Green Bay Packers Retail Site Hacked, Data of 8,500 Customers Exposed appeared first on Security Boulevard.
Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day.
Background
On January 8, Ivanti published a security advisory for two vulnerabilities affecting multiple products including Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for Zero Trust Access (ZTA) gateways:
| CVE | Description | CVSSv3 |
|---|---|---|
| CVE-2025-0282 | Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA gateways Stack-based Buffer Overflow Vulnerability | 9.0 |
| CVE-2025-0283 | Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA gateways Stack-based Buffer Overflow Vulnerability | 7.0 |
Analysis
CVE-2025-0282 is a stack-based buffer overflow vulnerability in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA gateways. An unauthenticated, remote attacker that successfully exploits this flaw would obtain remote code execution on a vulnerable device.
CVE-2025-0283 is also a stack-based buffer overflow in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA gateways. Unlike CVE-2025-0282, a local, authenticated attacker that successfully exploits this flaw would be able to elevate privileges on a vulnerable device.
In-the-wild exploitation observed for CVE-2025-0282
In a blog post, Ivanti confirmed that they have observed in-the-wild exploitation of CVE-2025-0282 in “a limited number of customers” of Ivanti Connect Secure devices. They reiterate that they have not observed exploitation against Ivanti Policy Secure or Neurons for ZTA gateways.
Historical exploitation of Ivanti Connect Secure
Ivanti Connect Secure, formerly known as Pulse Connect Secure, has been frequently targeted by attackers of all types, including advanced persistent threat (APT) groups as well as ransomware affiliates and opportunistic cybercriminals.
| CVE | Description | Tenable Publications | Year |
|---|---|---|---|
| CVE-2019-11510 | Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability | 1, 2, 3, 4, 5 | 2019 |
| CVE-2019-11539 | Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability | 1, 2, 3, 4 | 2019 |
| CVE-2020-8218 | Ivanti Pulse Connect Secure Code Injection Vulnerability | Tenable 2020 Threat Landscape Retrospective | 2020 |
| CVE-2020-8243 | Ivanti Pulse Connect Secure Code Injection Vulnerability | 1, 2 | 2020 |
| CVE-2020-8260 | Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability | 1, 2 | 2020 |
| CVE-2021-22893 | Ivanti Pulse Connect Secure Authentication Bypass Vulnerability | 1, 2 | 2021 |
| CVE-2021-22894 | Ivanti Pulse Connect Secure Buffer Overflow Vulnerability | CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild | 2021 |
| CVE-2021-22899 | Ivanti Pulse Connect Secure Command Injection Vulnerability | CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild | 2021 |
| CVE-2021-22900 | Ivanti Pulse Connect Secure Multiple Unrestricted Uploads Vulnerability | CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild | 2021 |
| CVE-2023-46805 | Ivanti Connect Secure and Ivanti Policy Secure Authentication Bypass Vulnerability | 1, 2 | 2024 |
| CVE-2024-21887 | Ivanti Connect Secure and Ivanti Policy Secure Command Injection Vulnerability | 1, 2 | 2024 |
| CVE-2024-21893 | Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability | CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways | 2024 |
Because of the historical exploitation of these devices, customers are strongly advised to apply the available patch for these flaws as soon as possible.
Proof of concept
At the time this blog post was published, there were no public proof-of-concept exploits for CVE-2025-0282 or CVE-2025-0283.
Solution
Ivanti has released the following patches for Connect Secure, Policy Secure and Neurons for ZTA Gateways.
| Affected Product | Affected Versions (CVE-2025-0282) | Affected Versions (CVE-2025-0283) | Fixed Version |
|---|---|---|---|
| Ivanti Connect Secure | 22.7R2 through 22.7R2.4 | 22.7R2.4 and below | |
Ivanti customers can utilize its Integrity Checker Tool (ICT) to identify exploitation of CVE-2025-0282.
For Connect Secure customers, Ivanti recommends performing a factory reset of devices prior to upgrading to version 22.7R2.5 “out of an abundance of caution” for those with clean ICT scan results and to “ensure any malware is removed” where ICT results “show signs of compromise.”
Identifying affected systems
A list of Tenable plugins for these vulnerabilities can be found on the individual CVE pages for CVE-2025-0282 and CVE-2025-0283 as they’re released. These links will display all available plugins for these vulnerabilities, including upcoming plugins in our Plugins Pipeline.
Tenable Attack Surface Management customers are able to quickly identify these assets by leveraging the built-in subscription labeled Ivanti Connect Secure (ICS) - v1.
Get more information
Join Tenable's Security Response Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
The post CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild appeared first on Security Boulevard.
IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.
The post Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard.
This post will clarify what SSF is, describe its approach, explain the roles of the CAEP and RISC, and outline the ways to work together.
The post The OpenID Shared Signals Framework appeared first on Security Boulevard.
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Origami Black Hole’ appeared first on Security Boulevard.
Navigating the job market can feel like a final boss battle in a video game—thrilling, challenging, and filled with traps. Unfortunately, work-from-home scams are some of the trickiest villains you’ll encounter on this quest. They disguise themselves as legitimate opportunities, preying on jobseekers eager to land their dream roles.
The post Time for a new job—9 work-from-home scams and how to spot them appeared first on Security Boulevard.