Security Briefing: Shim Secure Boot Bypass, Fortinet CVE, Ivanti Vulns

February 14th, 2024 Security Briefing with IANS Faculty Jake Williams and Gal Shpantzer

This Episode Details:

• Shim Secure Boot Bypass Vulnerability - New vulnerabilities in the Shim service are being used to securely boot on Linux. Impacted systems that use HTTP boot services risk full compromise of the device.
• New Fortinet Vulnerabilities - Following the announcement of CVE-2024-21762 from Fortinet, CUSA quickly added the vulnerability to its Known Exploited Vulnerabilities list, indicating it has reports of threat actors using it in the wild.
• Additional Ivanti Disclosures - Ivanti has disclosed additional security vulnerabilities in it's Pulse line of VPN products.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.