Ivanti Issues Fix for Critical Vuln in Its Sentry Gateway Technology

Security vendor will not say if attackers are already actively exploiting the flaw, as some reports have claimed. [TechWeb]( Follow Dark Reading: [RSS]( August 22, 2023 LATEST SECURITY NEWS & COMMENTARY [Ivanti Issues Fix for Critical Vuln in Its Sentry Gateway Technology]( Security vendor will not say if attackers are already actively exploiting the flaw, as some reports have claimed. [Chinese APT Targets Hong Kong in Supply Chain Attack]( Dubbed Carderbee, the group used legitimate software and Microsoft-signed malware to spread the Korplug/PlugX backdoor to various Asian targets. [Fed Warning: US Space Industry Subject to Foreign Spying, Disruptions]( The space industry must improve security as foreign intelligence entities seek to steal trade secrets and disrupt space-based infrastructure, US agencies caution. [DEF CON's AI Village Pits Hackers Against LLMs to Find Flaws]( Touted as the largest red teaming exercise against LLMs in history, the AI Village attracted more than 2,000 hackers and throngs of media. [Tesla Data Breach Investigation Reveals Inside Job]( The carmaker also reported it's taken legal action against the former employees involved in the data breach, which involved more than 75,000 names. [Generative AI Is Scraping Your Data. So, Now What?]( AI innovation is moving faster than our laws and regulations, making it hard to decide whether Web or content scraping activity is good or bad, and what (if anything) you should do about it. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [LinkedIn Suffers 'Significant' Wave of Account Hacks]( Users report losing access to their accounts, with some being pressured into paying a ransom to get back in or else face permanent account deletion. ['Play' Ransomware Group Targeting MSPs Worldwide in New Campaign]( Attackers use remote monitoring and management tools at MSPs to gain unfettered access to target networks. [Boards Don't Want Security Promises — They Want Action]( CISOs must demonstrate that security processes and updates reduce risk in measurable ways. Put emphasis on action, get the basics right, and improve processes. [Unveiling the Hidden Risks of Routing Protocols]( Neglecting security of Border Gateway Protocol (BGP) and other routing protocols has created multiple vulnerabilities that must be addressed. [MORE]( EDITORS' CHOICE [CISA Committee Tackles Remote Monitoring and Management Protections]( CISA's public-private partnership produces RMM strategies to shore up critical infrastructure and to educate the MSPs that provide remote access to them. LATEST FROM THE EDGE [New NCUA Rule Requires Credit Unions to Report Cyberattacks Within 3 Days]( The updated cybersecurity reporting rule from the National Credit Union Administration takes effect Sept. 1. LATEST FROM DR TECHNOLOGY [Lock Down APIs to Prevent Breaches]( Developers need to focus on creating secure web and mobile applications because flaws in Web application programming interfaces (APIs) have left companies open to attack. LATEST FROM DR GLOBAL [Energy One Investigates Cyberattack]( Energy One is trying to determine the initial point of entry and whether personal information has been compromised. WEBINARS - [Passwords Are Passe: Next Gen Authentication for Today's Threats]( Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... - [Protecting the Database: How to Secure Your Enterprise Data]( For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [ProjectDiscovery Announces $25M Series A Financing and Launch of Cloud Platform]( [CyCognito Finds Large Volume of Personal Identifiable Information in Vulnerable Cloud and Web Applications]( [Israel-US Binational Industrial R&D Foundation to Invest $3.85M in Critical Infrastructure Cybersecurity Projects]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Where and When Automation Makes Sense for Enterprise Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117793&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.22.23&sp_cid=49551&utm_content=DR_NL_Dark%20Reading%20Daily_08.22.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#2a If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)