Security News > 2024 > January > Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
2024-01-12 13:53
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an
News URL
https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html
Related news
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381) (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Malicious ads exploited Internet Explorer zero day to drop malware (source)
- Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)