Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

January 31, 2024 at 02:36 AM
Two zero-day flaws in Ivanti Connect Secure (ICS) VPN have been exploited to distribute the Rust-based KrustyLoader and the Sliver adversary simulation tool. Identified as CVE-2023-46805 and CVE-2024-21887, the flaws allow unauthenticated remote code execution, and patches have been delayed. The vulnerabilities have been used by threat actors and other adversaries. Key …

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

January 12, 2024 at 06:15 AM
The recently discovered Ivanti Connect Secure zero-day vulnerabilities are being exploited by threat actors linked to China, aiming to steal valuable data. These vulnerabilities, CVE-2023-46805 and CVE-2024-21887, pose a serious threat, with over 7,000 internet-exposed instances vulnerable to attacks. Patches are expected by the week of January 22, but CISA …

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

January 11, 2024 at 04:01 AM
A pair of zero-day flaws in Ivanti Connect Secure (ICS) and Policy Secure have been exploited by suspected China-linked nation-state actors to breach fewer than 10 customers. Cybersecurity firm Volexity identified the activity and attributed it to a hacking group it tracks under the name UTA0178. Patches are expected to …