Ivanti Connect Secure has two zero-day vulnerabilities exploited by threat actors, likely from China, enabling them to execute commands on appliances. Ivanti has released mitigations with patches due in late January. Over 7,000 vulnerable instances have been identified, mainly in the US, Japan and Europe. The attacker, UNC5221, aims at espionage, using diverse malware to maintain access to compromised systems.
The Light Collective amplifies its call for patient data rights
The Light Collective is planning to lead discussions on World Patient Safety Day (September 17) focusing on patient concerns about health data aggregation. The patient-led