Ivanti VPN

All articles tagged with #ivanti vpn

US Government Orders Immediate Disconnection of Vulnerable Ivanti VPNs
cybersecurity, 1 year ago

The U.S. cybersecurity agency CISA has issued an emergency directive ordering federal agencies to disconnect Ivanti VPN appliances because of multiple software flaws that are at risk of malicious exploitation. This comes after FBI Director Christopher Wray warned of China-backed hackers targeting critical infrastructure in the U.S. and after the recent shutdown of a Chinese hacking group's attempt to infiltrate routers. CISA's directive aims to reduce risks to federal systems, while the FBI and Justice Department continue to address cyber threats posed by foreign governments.

"US Agencies Given 48 Hours to Disconnect Flawed Ivanti VPN Tech"
technology, 1 year ago

The U.S. cybersecurity agency CISA has ordered federal agencies to disconnect all Ivanti VPN appliances within 48 hours due to the serious threat posed by multiple zero-day vulnerabilities being actively exploited by malicious hackers. This directive comes after Ivanti uncovered a third zero-day flaw and security researchers identified Chinese state-backed hackers exploiting at least two of the vulnerabilities. CISA has instructed agencies to disconnect the affected products, continue threat hunting, and monitor authentication services, while providing instructions for restoring Ivanti appliances to online operation. Ivanti has made patches available for some affected software versions and urged customers to factory reset appliances before patching to prevent hackers from gaining persistence on their network.

"CISA Mandates Urgent Disconnect of Ivanti VPN Appliances Due to Zero-Day Exploits"
cybersecurity, 1 year ago

CISA has ordered U.S. federal agencies to disconnect all vulnerable Ivanti Connect Secure and Policy Secure VPN appliances by Saturday due to actively exploited security flaws. The directive follows extensive exploitation of zero-day vulnerabilities by threat actors. Ivanti has released security patches and mitigation instructions, urging customers to factory reset vulnerable appliances before patching. Federal agencies must disconnect the devices, hunt for signs of compromise, and take steps to bring them back online securely, reporting their progress to CISA.

"Ivanti VPN Vulnerabilities Spark Malware Attacks and Federal Agency Orders"
network-security-malware, 1 year ago

Mandiant has discovered new malware used by UNC5221 and other threat groups to exploit Ivanti Connect Secure VPN and Policy Secure devices, including custom web shells like BUSHWALK, CHAINLINE, and FRAMESTING, as well as a variant of LIGHTWIRE. The malware exploits vulnerabilities allowing arbitrary command execution and JavaScript-based credential stealing. The attacks involve open-source utilities for post-exploitation activities, and Ivanti has disclosed and released fixes for additional security flaws. UNC5221 targets various industries of strategic interest to China, with infrastructure and tooling overlapping with past intrusions linked to China-based espionage actors.