Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance CSA have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software service...

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight

Certificate authority CA DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the step of revoking certificate...

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-21888 CVSS score: 8.8 - A privilege escalation vulnerability in the w...

Solar, Wind Power Utility Disrupted in Rare Cyberattack

A cyberattack on the U.S. energy grid has just come to light, so to speak, which disrupted plant visibility at Utah-based sPower back in March. sPower, a Utah-based wind and solar provider, began experiencing a series of lost connections between its main control center and remote power-generation...