Security News > 2024 > February > Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
2024-02-01 07:43
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices.
This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE.
News URL
https://thehackernews.com/2024/02/warning-new-malware-emerges-in-attacks.html
Related news
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
- Hackers leverage 1-day vulnerabilities to deliver custom Linux malware (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks (source)
- New BunnyLoader Malware Variant Surfaces with Modular Attack Features (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- Cisco warns of password-spraying attacks targeting VPN services (source)
- Ivanti vows to transform its security operating model, reveals new vulnerabilities (source)
- The Biggest Takeaways from Recent Malware Attacks (source)
- New Ivanti RCE flaw may impact 16,000 exposed VPN gateways (source)