One of the organizations compromised through a recently-discovered flaw in Ivanti products was, ironically enough, the US government’s Cybersecurity and Infrastructure Security Agency (CISA).
Confirmation of the breach came from CISA itself, as well as from an anonymous source “with knowledge of the situation”, with a CISA spokesperson telling The Record the organization “identified activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses”. “The impact was limited to two systems, which we immediately took offline. We continue to upgrade and modernize our systems, and there is no operational impact at this time,” the spokesperson said.
Read more…
Source: TechRadar
Related:
- Hacker claims to have hacked the FBI, but it wasn’t
January 5, 2017
A hacker yesterday claimed to have hacked the FBI’s website running on Plone CMS, but it seems it wasn’t hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official statements.A hacker, using Twitter handle CyberZeist, has claimed to have hacked the FBI’s website (fbi.gov) and ...
- 11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed
January 5, 2017
Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions. MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through ...

