VPN Crisis: What's going on with all those recent vulnerabilities?

Описание: Open Tech Hour with Secfense is a live, interactive show hosted by Bartosz Cieszewski that discusses current issues in cybersecurity, especially around strong authentication and identity management.

The show airs every two weeks on YouTube and LinkedIn, inviting viewers to join the conversation by asking questions and sharing their thoughts. Bartosz focuses on the latest security threats and solutions, using real-world examples to highlight the importance of staying updated in the fast-changing world of cyber protection.

Here’s what Bartosz will discuss in the first episode of Open Tech Hour with Secfense:

Importance of corporate VPNs.
Common attack methods on VPNs.
Recent vulnerabilities in Ivanti VPN.
New security flaws in Fortinet and Cisco VPNs.
Critical vulnerability in Palo Alto VPN.
Live Q&A session for audience interaction.
Join the Discussion: Share your insights and questions live!


Sources:
VPNs: https://www.purevpn.com/blog/secure-r...
VPN attack procedure: https://www.zscaler.com/cxorevolution...

Ivanti:
Volexity findings: https://www.volexity.com/blog/2024/01...
Ivanti first anouncement: https://forums.ivanti.com/s/article/C...
Ivanti second anouncement: https://forums.ivanti.com/s/article/C...
CVE-2024-210893 description: https://www.helpnetsecurity.com/2024/...
Ivanti final anouncement: https://forums.ivanti.com/s/article/C...
XXE Attack: https://portswigger.net/web-security/xxe
CISA initial advisory: https://www.cisa.gov/news-events/aler...
CISA directive to shutdown Ivanti: https://www.cisa.gov/news-events/dire...


Fortinet:
Vulnerability anouncement: https://www.fortiguard.com/psirt/FG-I...
Issue description: https://www.tenable.com/blog/cve-2024...
CISA KEV: https://www.cisa.gov/news-events/aler...

Cisco:
Advisory: https://sec.cloudapps.cisco.com/secur...
Issue desription: https://www.helpnetsecurity.com/2024/...

Netscaler:
CISA Advisory: https://www.cisa.gov/guidance-address...
Issue Description: https://www.tenable.com/blog/cve-2023....

Palo Alto:
Vendor announcement: https://security.paloaltonetworks.com...