Tag

Ivanti Connect Secure

All articles tagged with #ivanti connect secure

cybersecurity2 years ago•2 min saved

"CISA Urges Immediate Mitigation of Ivanti Zero-Day Vulnerabilities in Federal Agencies' Remote Work Software"

The U.S. Cybersecurity and Infrastructure Security Agency issued an emergency directive to federal agencies to protect against a vulnerability in the remote work software Ivanti Connect Secure, amid concerns of potential Chinese espionage. The vulnerability, discovered by cybersecurity company Volexity, has already been exploited by hackers, prompting investigations into potential targeting of federal agencies. While the agency has not attributed the attacks to China, it noted similarities to previous Chinese cyber campaigns and emphasized the urgency of mitigating the risk to federal networks and critical infrastructure.

via NBC News|

#china #cybersecurity #federal-agencies

cybersecurity2 years ago•2 min saved

Zero-Day Exploits: Ivanti VPN Targeted by Nation-State Actors

Hackers have been exploiting two zero-day vulnerabilities in Ivanti Connect Secure to deploy custom malware for espionage since early December, targeting a small number of customers. The threat actor, UNC5221, uses a set of tools for post-compromise activities, including custom malware for webshell planting, command execution, and credential theft. The attackers used compromised Cyberoam VPN appliances as command and control servers and are suspected to be an advanced persistent threat (APT) targeting high-priority victims. While there is no attribution, system admins are advised to implement mitigations provided by Ivanti as there is currently no security update addressing the zero-days.

via BleepingComputer|

#custom-malware #cybersecurity #espionage