TLDR: The number of organizations compromised through zero-day bugs in Ivanti products is growing, according to Mandiant’s threat intelligence team. The vulnerabilities, which affect Ivanti Connect Secure and Policy Secure gateways, were disclosed by Ivanti and have already been exploited. The victim count, initially reported as fewer than 10, has since increased. Neither flaw currently has a patch, and Ivanti hopes to start rolling out patches in late January. The vulnerabilities allow unauthenticated remote code execution, meaning attackers can take control of an organization’s Ivanti network appliances and infiltrate its IT environment. Mandiant has identified abuse of the bugs by a suspected espionage team, UNC5221, and has seen in-the-wild attacks as early as December. The attackers primarily used hijacked Cyberoam VPN appliances as command-and-control servers, and deployed various pieces of bespoke malware to achieve persistence and avoid detection. Mandiant’s investigation is ongoing, and the victim count is likely to keep growing as organizations discover their compromised devices.
Ivanti’s zero-day victims increase; Mandiant adds valuable insights