Hackers have been using two zero-day vulnerabilities in Ivanti Connect Secure’s systems for espionage since December. The breaches, dubbed CVE-2023-46805 and CVE-2024-21887, allow authentication bypassing and arbitrary command injection on the affected systems. The threat actor behind these attacks, known as UNC5221, employs tools that plant malware, steal credentials, and drop payloads. Although there’s no security update available yet for the vulnerabilities, Ivanti offers mitigation measures.
Wall Street’s Leaders and Laggards of 2024
2024 was a mixed year for biopharma stocks, with the iShares Biotechnology ETF and SPDR S&P Biotech ETF experiencing small decreases. Federal Reserve decisions caused
