Andrew Golding@cR0w@infosec.exchange I suppose on the plus side, the RCE/SQL-injection vulnerabilities require authentication. You know, little bit of silver lining on the usual dumpster fire.
cR0w@huronbikes@cyberplace.social Agreed. As far as Ivanti vulns go, this is nothing. But the wording of the (dis)claimer was interesting.
Andrew Golding@cR0w@infosec.exchange "as far as we know (nevermind we know very little), everything is fine!"
cR0w@huronbikes@cyberplace.social
massive bong rip
Do any of us really know anything though?
RootWyrm πΊπ¦
:progress:@cR0w@infosec.exchange @huronbikes@cyberplace.social
The people left at Ivanti:
<massive bong rip> Who knows? Who cares?
Andrew Golding@cR0w@infosec.exchange look, I only really know what our PR form knows and they seem to know quite a lot and I'm sure none of it is made up because they are very serious and we pay them in coke, or at least we did before I kept the coke for myself and outsourced the thinking to a chatbot.