Security News

There's a "Reasonable chance" that Ivanti Connect Secure VPN users are already compromised if they didn't apply the vulnerability mitigation released last week, experts say. The latest data from Volexity shows that successful exploits of two Ivanti zero-days have accelerated sharply to more than 1,700 devices.

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. While Ivanti is yet to release patches for these two actively exploited zero-days, admins are advised to apply mitigation measures provided by the vendor on all ICS VPNs on their network.

Social engineer reveals effective tricks for real-world intrusionsIn this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Understanding zero-trust design philosophy and principlesIn this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy.

Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team. The software biz disclosed the vulnerabilities in Ivanti Connect Secure - the VPN server appliance previously known as Pulse Connect Secure - and its Policy Secure gateways on Wednesday.

Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes. Zipline Passive Backdoor: custom malware that can intercept network traffic, supports upload/download operations, creating reverse shells, proxy servers, server tunneling.

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure...

Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti. Ivanti believes fewer than ten victims have been successfully attacked thus far, but according to a Shodan scan by Beaumont, the number of vulnerable gateways exposed to the internet is just north of 15,000.

Two zero-day vulnerabilities in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. The two security flaws affect all supported versions of Ivanti Connect Secure - formerly known as Pulse Connect Secure - and Ivanti Policy Secure.

A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity...

Ivanti has disclosed two Connect Secure and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways. Ivanti says the two zero-days have already been exploited in the wild in attacks targeting a small number of customers.