Security News > 2024 > January > Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
2024-01-12 13:53
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an
News URL
https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html
Related news
- Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine (source)