Ivanti vulnerabilities (CVE-2023-46805, CVE-2024-21887) in widespread exploitation – Action Recommended

Summary: January 10, 2024, Ivanti published an advisory regarding two vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that impact all supported versions of the Connect Secure (formerly known as Pulse Connect Secure) and Policy Secure gateways. CVE-2023-46805 is… More »

Critical Apache Struts 2 vulnerability (CVE-2023-50164) in active exploitation – Action Recommended

Summary: Apache disclosed a critical vulnerability (CVE-2023-50164) in the Apache Struts 2 open-source framework. Successful exploitation can allow an attacker to manipulate file upload parameters to enable path traversal and upload a malicious file. The… More »

2023 Christmas Checklist

To prepare for your Christmas break, please take a minute to read the below checklist, to help make sure there are no unwanted interruptions over the festive period, or in fact any uninvited surprises waiting… More »

LockBit affiliates exploiting “Citrix Bleed” vulnerability (CVE-2023-4966) – Action Recommended

Summary: Our Security Partner (Secureworks Counter Threat Unit researchers) are aware of at least two incidents where affiliates of the LockBit ransomware group have exploited the Citrix Bleed vulnerability (CVE-2023-4966) to access environments. It is… More »

Cisco IOS XE vulnerability (CVE-2023-20198) in active exploitation – Action Recommended

Summary: On October 16, 2023, Cisco disclosed a critical privilege escalation vulnerability (CVE-2023-20198) that affects the web user interface (web UI) used in Cisco IOS XE software. Cisco observed this vulnerability being actively exploited since… More »

NetScaler ADC and NetScaler Gateway vulnerabilities in active exploitation – Action Recommended

Summary: On July 18, 2023, Citrix disclosed multiple vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) that impact NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). Only customer-managed platforms are affected. CVE-2023-3519 is under active exploitation… More »


Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners