Latest news with #Emmons
Yahoo
20-05-2025
- Yahoo
Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities
This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Hackers have successfully breached a limited number of Ivanti Endpoint Mobile Manager users by chaining together medium and high-severity vulnerabilities in the suite of mobile device management software. The vulnerabilities, tracked as CVE-2025-4427 and CVE-2025-4428, can allow an unauthenticated attacker to achieve remote code execution. Ivanti is urging customers to immediately upgrade to a fixed version of the software. The company also warned that the two vulnerabilities are linked to flaws in open-source libraries that are integrated into EPMM. Security researchers say those third-party flaws could have broader implications. Ivanti said it is working with security partners and with maintainers of the affected libraries to determine whether additional CVEs are warranted. There is some disagreement about the issue, however. Researchers at watchTowr raised questions about whether the issue should be legitimately blamed on a third-party library vulnerability. The researchers claim Ivanti misused a known dangerous function in the hibernate-validator library. Meanwhile, researchers at the Shadowserver Foundation reported 798 instances of CVE-2025-4427 were unpatched and considered vulnerable as of Sunday, down from 940 instances on Thursday. The exploit chain involves linking CVE-2025-4427, an authentication bypass in EPMM that allows an attacker to gain access to protected resources without proper credentials, with CVE-2025-4428, a remote-code-execution flaw that allows an attacker to execute arbitrary code on a target system. The vulnerabilities have CVSS scores of 5.3 (medium severity) and 7.2 (high severity), respectively. When chained together, researchers at Rapid7 said, an unauthenticated attacker could reach a web API endpoint to inject server-side template patterns and exploit the high-severity flaw. Rapid7 has tested proof-of-concept exploits and confirmed they work, but has not yet seen any confirmed exploitation in customer environments, according to security researcher Ryan Emmons. Emmons added that it's unclear which open-source libraries Ivanti is citing as the root cause of the flaw. A spokesperson for Ivanti was not immediately available for comment. The security issues were first reported to Ivanti by CERT-EU, the Cybersecurity Service for the Union Institutions. Sign in to access your portfolio
Yahoo
14-05-2025
- General
- Yahoo
WATCH: Local war hero remembered in new book
MEROM, Ind. (WTWO/WAWV) — A local war hero's story has been turned into a book and is heading to the National World War I Museum and Memorial in Kansas City. John Henry Parsel, from Merom, was a skilled scout sniper, engineer, and railman in World War I. During his time in the war, he kept a journal accounting for his time in the armed forces. After the war ended, he took these accounts and turned them into a book he one day wished to publish. However, the book was kept in storage, never to be published until his grandson, Dan Emmons, got his hands on it. Emmons said it means so much to him and the family to complete his grandfather's dream. Hometown Heroes: female veterans honored through Project In Her Boots 'He died in 1968, still unpublished, still the manuscript setting in the trunk. I think now he has to be looking down and just feeling wonderful about it,' said Emmons. The title of Emmons' book is '1918 From Heaven to Hell to Hoboken' and is available online. To see Emmons' full interview, where he dives into the story and background of the book, you can do so by watching it in the video player above. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Yahoo
15-04-2025
- Entertainment
- Yahoo
Waco Civic Theatre mourns the loss of one of its own
Waco, TX (FOX 44) — The Waco Civic Theatre is mourning the loss of one of its own after decades of making the company home to many. The company says their beloved vice president, Win Emmons III, had a passion which lit up every corner of the stage and beyond. Emmons was a cornerstone of their community, known for his tireless dedication both on and off the stage. 'I first saw him in a production of 'On Golden Pond,'' says Waco Civic Theatre patron Bart Cox. 'He played the Henry Fonda character, and it was wonderful. He did it with my sister, she was the Jane Fonda character. So, I've always kind of had a relationship with Win.' Emmons gave decades of service, passion, and love to the theatre. From changing marquees and building sets to leading with a heart on the Board of Directors – he did it all with a smile, a joke, and a hug to anyone needing it. 'He just was a very big influence here in Waco in regards to the theater community, and especially here at Waco Civic Theatre,' Cox said. 'If they could name it something else, it would be 'Win Emmons Theater.'' The Theatre said his presence will be deeply missed, but his legacy will live on in every curtain call. 'He was just fun-loving, joyful, but very serious when it came to the stage,' Cox said. 'He knew his lines, and he came to be the best that he could be for everyone. That kind of energy is infectious.' Waco Civic Theatre Executive Director Kelley MacGregor told me that, 'Win was a hilarious and stoic man. There was no one like him.' Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
