Recent vulnerabilities in Ivanti Connect Secure devices have enabled attackers to deploy the Mirai botnet, according to security researchers from Juniper. These vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, are currently being actively exploited. The...
The MITRE Corporation, a non-profit organization, has disclosed that in January 2024, a sophisticated, state-sponsored hacker group infiltrated its systems by chaining together two zero-day exploits in the Ivanti VPN. The incident was initially...
The Cybersecurity and Infrastructure Security Agency (CISA) along with several leading global organizations have issued a new warning about critical vulnerabilities in the products of IT giant Ivanti. According to experts, these issues, identified...
Two Chinese hacking factions, known as UNC5325 and UNC3886, breached the security systems of software developed by Ivanti, which is deployed for safeguarding Virtual Private Networks (VPN). Mandiant experts discovered that UNC5325 exploited a...
A recent investigation into the firmware of Pulse Secure devices by Ivanti has illuminated profound security vulnerabilities within software supply chains. Specialists at Eclypsium uncovered numerous vulnerabilities, showcasing the complexity of safeguarding such software...
Ivanti has released a suite of patches for vulnerabilities in its Connect Secure (ICS) and Policy Secure (IPS) gateways. Concurrently, the company has identified two new zero-day vulnerabilities, one of which is being actively...
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has urgently issued a directive, urging Federal Civilian Executive Branch (FCEB) agencies to mitigate the effects of two actively exploited zero-day vulnerabilities in...
Earlier this month, we discussed the zero-day vulnerabilities in Ivanti products. A recent analysis by Mandiant revealed that attackers employed five distinct malware families in their assaults, including Zipline, Thinspool Dropper, Wirefire, Lightwire, and...
At least five different types of malware have been employed by suspected state-sponsored hackers to gain access to company networks through Zero-Day vulnerabilities in Ivanti Connect Secure (ICS) VPN devices. These attacks have been...
