State-sponsored hackers, including a Chinese threat actor, have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti's VPN solutions, specifically the Connect Secure and Policy Secure Gateways. The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, have been weaponized to deploy five different malware families in a targeted cyber espionage campaign. Security firm Mandiant, now part of Google Cloud, has been working with Ivanti to investigate the attacks, for which they believe an espionage-focused threat actor is responsible. The attacks began in December and have since impacted over 1,700 Ivanti VPN appliances across sectors including government, military, telecom, defense, technology, finance, consulting, aerospace, and engineering. Ivanti has alerted customers to the critical vulnerabilities, but patches are not yet available, leaving many organizations exposed to potential compromise. Ivanti researchers reported the issues, and scanning for vulnerable instances, since added to a daily scan list, found 6809 vulnerable instances as of January 15, 2024.
Hackers begin mass exploiting Ivanti VPN zero-day flaws: https://t.co/757CoAkx0A by TechCrunch #infosec #cybersecurity #technology #news
Hackers have begun mass-exploiting two critical zero-days in Ivanti’s widely-used corporate VPN appliance. Over 1,700 Ivanti Connect Secure appliances have been exploited so far, impacting organizations in the banking, defense and government industries https://t.co/zmxw3kgfBk
Hackers begin mass exploiting Ivanti VPN zero-day flaws https://t.co/FnNIbKkAuY
Ivanti zero-day exploits explode as bevy of attackers get in on the act https://t.co/2C4B3mXooJ
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws: https://t.co/Ugt64chZSV by Security Affairs #infosec #cybersecurity #technology #news
Update: Over 1,700 Ivanti VPN appliances have been hit by zero-day attacks, including government, military, telecom, defense, tech, finance, consulting, aerospace, and engineering sectors. Read: https://t.co/4jvecD1yey #infosec
Scanning for vulnerable Ivanti Connect Secure (CVE-2023-46805 & CVE-2024-21887) instances has been added to our daily scan list. 6809 found vulnerable for 2024-01-15 scans using methodology from @watchtowrcyber - https://t.co/3YYOnHrMUx More details: https://t.co/qxv0Gv5ELc https://t.co/xUE2T5tk7L
ICYMI - Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular #VPN solution used by organizations worldwide. https://t.co/b2zDPF7GNt #cybersecuritynews #technews
🚀 We have reproduced both in-the-wild exploited Ivanti zero-days (CVE-2023-46805 & CVE-2024-21887) 🥷 We've released some of our research in this blogpost - but rest assured, full exploit chain details are heavily redacted (for now) 🙂 https://t.co/5dCxICtHAW
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in https://t.co/mi4Ty9Ant8
Newly Discovered Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems https://t.co/b2zDPF78XV #technology #technews
Ivanti, a popular provider of enterprise work tools, confirmed that hackers are actively exploiting critical vulnerabilities in two of its products. https://t.co/DnjrrxpV7m
Mandiant: Attacks Exploiting Ivanti VPN Flaws Began In December: https://t.co/yu9ozZSPwK @Mandiant (part of @googlecloud)—which has been working with Ivanti to investigate the attacks—disclosed findings that an espionage-focused threat actor is believed to be responsible.
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families: https://t.co/SLMYBrxGza by The Hacker News #infosec #cybersecurity #technology #news
Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout #cybersecurity https://t.co/DOHnHdnLLm
⚡ Nation-state hackers weaponizing Ivanti Connect Secure VPN zero-days to deploy five #malware families in a targeted cyber espionage campaign. Learn more: https://t.co/hn5WWrd5bN Patch ASAP! #cybersecurity #hacking
Ivanti alerts customers to critical vulnerabilities in Connect Secure and Policy Secure Gateways https://t.co/R2zfGYsjIJ
Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities: https://t.co/slJz4He2jH by darkreading #infosec #cybersecurity #technology #news
State-Sponsored Hackers Exploit Zero-Day Flaws in Ivanti VPN https://t.co/lVjPHpyWuI
State-backed Hackers Are Exploiting New Ivanti VPN Zero-Days - But No Patches Yet https://t.co/7mftpzn8lZ