Cybersecurity

Rust Payloads Exploiting Ivanti 0-Days Linked to Sliver Toolkit

Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same sophisticated threat actor, according to incident response provider Synacktiv. A new malware analysis from Synacktiv researcher Théo Letailleur showed that the 12 Rust payloads discovered by Volexity as part of its investigation into two Ivanti Connect Secure VPN remote code execution […]

Cybersecurity

The Mass Exploitation of Ivanti Connect Secure

Last Friday, CISA issued Emergency Directive 24-01 mandating all Federal Civilian Executive Branch (FCEB) agencies to address two actively exploited vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure. These vulnerabilities, CVE-2023-46805 (an authentication bypass vulnerability) and CVE-2024-21887 (a command-injection vulnerability), when exploited in combination, allow malicious actors to achieve […]

Cybersecurity

Ivanti spots ‘sharp increase’ in targeting of VPN as analysts find 1,700 devices exploited

Ivanti said it is seeing a spike in hackers targeting two recently disclosed vulnerabilities in its Connect Secure VPN product, as cybersecurity researchers also sized up the extent of the damage. Since issuing an advisory last week, “we have seen a sharp increase in threat actor activity and security researcher scans” concerning the bugs, an […]

Cybersecurity

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

Jan 11, 2024NewsroomCybersecurity / Zero-Day A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, […]

Cybersecurity

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

Oct 26, 2023NewsroomVulnerability / Network Security Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. “This is […]