[Video] The TTP Ep 21: When Attackers Become Trusted Users

!\Video\ The TTP Ep 21: When Attackers Become Trusted Usershttps://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/04/YiR2025cover2x1.jpg In this episode of the Talos Threat Perspective, we explore how identity is being used to gain, extend, and maintain access...

CVE-2022-35258

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

CVE-2024-31489

AAn improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...

Zero Trust Network Access Without the Performance Penalty

...

How to Cut Costs with a Browser Security Platform

Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk - the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do...

RFP Template for Browser Security

Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP...

Cyolo Product Overview: Secure Remote Access to All Environments

Operational technology OT cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer break into systems, but instead log in – making access security more complex and also more important to manage and control than ever...

Expert-Led Webinar: Learn Proven Strategies to Secure Your Identity Perimeter

The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break into corporate systems with brute force. Today, cybercriminals are using highly sophisticated methods like social engineering, spear phishing, and BEC to target users directly and l...

Expert-Led Webinar: Learn Proven Strategies to Secure Your Identity Perimeter

The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break into corporate systems with brute force. Today, cybercriminals are using highly sophisticated methods like social engineering, spear phishing, and BEC to target users directly and l...

CVE-2022-35254

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

CVE-2022-35254

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

CVE-2022-35254

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

PT-2022-22661 · Ivanti · Ivanti Policy Secure +2

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 9.1R14.3 Ivanti Connect Secure versions prior to 9.1R15.2 Ivanti Connect Secure versions prior to 9.1R16.2 Ivanti Connect Secure versions prior to 22.2R4 Ivanti Policy Secure versions prior to 9.1R17...

CVE-2022-35258

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

All Access Is (or Should Be) Remote Access

With the transition to remote work, we often hear the term remote access used in unison. Typically, remote work application access is facilitated via a remote access mechanism and, presumably, local work application access is facilitated via a local access mechanism. But I argue that this...

CISA Emergency Directive 21-03: VPN Vulnerabilities Actively Exploited

On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency CISA released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive ED...

Missing Link in a 'Zero Trust' Security Model—The Device You're Connecting With!

Like it or not, 2020 was the year that proved that teams could work from literally anywhere. While terms like "flex work" and "WFH" were thrown around before COVID-19 came around, thanks to the pandemic, remote working has become the defacto way people work nowadays. Today, digital-based work...

Accelerate Migration from Legacy WAM While Enabling Zero Trust Access with EAA and Single-Host Access

Customers are in the process of replacing their legacy proxy/WAM solutions with modern Identity-Aware Proxies to enable Zero Trust access to business applications and services. Akamai's Identity Aware proxy enables secure remote access for end users from anywhere, on any device, to business...

Zero Trust Access: Santa Claus Wasn't the Only One Working Christmas Eve

The days from Christmas Eve to New Year's Day are filled with celebrations. Many companies shut down and encourage their employees to take vacations. However, a sample of data comparing an average work week around the holiday, shows the idea of "downtime" isn't exactly accurate. In fact, many use...

Easy VPN Transition With Zero Trust Access

Akamai recently announced Enterprise Application Access capabilities designed to improve performance and user experience, as well as provide an easy migration away from VPN, reducing complexity and risk. The new capabilities -- IP address-based access, on-premises network detection, and captive...