Tag: ivanti
-
Volume of attacks on network devices shows need to replace end of life devices quickly
in SecurityNews
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerability
CVE-2023-1389, a vulnerability in TP-Link Archer AX21 router; CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system; CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system; CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance; CVE-2023-38035, a hole in Ivanti Sentry security gateway; CVE-2024-36401, a vulnerability in OSGeo GeoServer; CVE-2024-0012, a vulnerability in Palo Alto Networks PAN-OS…
-
CISA spots spawn of Spawn malware targeting Ivanti flaw
Resurge an apt name for malware targeting hardware maker that has security bug after security bug
First seen on theregister.com Jump to article: www.theregister.com/2025/04/01/cisa_ivanti_warning/
-
Fixed Ivanti Bug Used by Novel RESURGE Malware
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-fixed-ivanti-bug-used-by-novel-resurge-malware
-
Addressed Ivanti bug leveraged by novel RESURGE malware
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-addressed-ivanti-bug-leveraged-by-novel-resurge-malware
-
CISA Warns of Resurge Malware Connected to Ivanti Vuln
in SecurityNews
Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-warns-resurge-malware-ivanti-vuln
-
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All
in SecurityNews
CISA Publishes Anatomy of Advanced Ivanti VPN Malware. Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rootkit-backdoor-tunneler-ivanti-malware-does-all-a-27881
-
CISA warns new malware targeting Ivanti zero-day vulnerability
in SecurityNews
CVE-2025-0282, a critical vulnerability that affects Ivanti’s Connect Secure, Policy Secure, and ZTA Gateway products, was disclosed and patched in January. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-warns-malware-targeting-ivanti-zero-day/743967/
-
New Malware Variant RESURGE Exploits Ivanti Vulnerability
in SecurityNews
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-resurge-exploits-ivanti/
-
CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-analyzes-malware-used-in-ivanti-connect-secure-zero-day-attacks/
-
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
in SecurityNews
CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/31/cisa-reveals-new-malware-variant-used-on-compromised-ivanti-connect-secure-devices/
-
CISA warns of RESURGE malware exploiting Ivanti flaw
in SecurityNews
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, infrastructure, ivanti, malicious, malware, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE. The malicious code has been used in attacks targeting the flaw CVE-2025-0282 in Ivanti Connect…
-
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
in SecurityNews
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that First seen…
-
Breach Roundup: The Ivanti Patch Treadmill
in SecurityNews
Also: Patch Tuesday, Equalize Scandal Figure Dies and Polymorphic Extension Attack. This week, Ivanti EPM customers should patch, Patch Tuesday, fake web browser extensions, North Korean Android malware, a key figure in Italy’s Equalize scandal dead of heart attack. Also, Apache Camel flaw, OpenAI’s agent automates phishing and Apple patched another zero day. First seen…
-
Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns
in SecurityNews
Tags: apt, china, cisa, cyberespionage, exploit, flaw, group, ivanti, remote-code-execution, vpn, vulnerability, zero-day
Ivanti products in attackers’ crosshairs: Multiple Ivanti products have been targeted by attackers over the past year, especially by state-sponsored cyberespionage groups who developed zero-day exploits for them. Back in January Ivanti patched a critical remote code execution flaw in its Connect Secure SSL VPN appliance that a Chinese APT group had exploited as a zero-day…
-
3 Ivanti flaws added to CISA list of known exploited vulnerabilities
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/3-ivanti-flaws-added-to-cisa-list-of-known-exploited-vulnerabilities
-
Advantive VeraCore, Ivanti EPM flaws added to CISA vulnerabilities catalog
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/advantive-veracore-ivanti-epm-flaws-added-to-cisa-vulnerabilities-catalog
-
3 Ivanti endpoint vulnerabilities exploited in the wild
in SecurityNews
Researchers last month published a proof-of-concept exploit for the critical flaws in Endpoint Manager. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-3-ivanti-endpoint-vulnerabilities-exploited-in-the-wild/742168/
-
CISA tags critical Ivanti EPM flaws as actively exploited in attacks
in SecurityNews
CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tags-critical-ivanti-epm-flaws-as-actively-exploited-in-attacks/
-
CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities
in SecurityNews
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-kev-ivanti-critical/
-
CISA Added 3 Ivanti Endpoint Manager Bugs to Wildly Exploited Vulnerabilities Catalog
in SecurityNews
Tags: cisa, cyber, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, risk, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog with the addition of three high-risk security flaws affecting Ivanti Endpoint Manager (EPM). These vulnerabilities, which involve absolute path traversal issues, have been observed being actively exploited in the wild, prompting federal agencies and organizations to implement remediation measures before…
-
CISA Warns of Ivanti EPM Vulnerability Exploitation
in SecurityNews
CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Ivanti EPM Vulnerability Exploitation appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-ivanti-epm-vulnerability-exploitation/
-
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
in SecurityNews
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The list of vulnerabilities is as follows: CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive VeraCore First…
-
Chinese APT Silk Typhoon exploits IT supply chain weaknesses for initial access
in SecurityNews
Tags: access, apt, attack, authentication, china, citrix, cloud, control, corporate, credentials, data, detection, email, exploit, firewall, github, government, group, hacker, identity, Internet, ivanti, least-privilege, microsoft, network, password, service, software, supply-chain, threat, update, vpn, vulnerability, zero-day
Two-way lateral movement: Aside from abusing cloud assets and third-party services and software providers to gain access to local networks, the Silk Typhoon attackers are also proficient in jumping from on-premise environments into cloud environments. The group’s hackers regularly target Microsoft AADConnect (now Entra Connect) servers which are used to synchronize on-premise Active Directory deployments…
-
Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts. A recently discovered botnet of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/02/week-in-review-botnet-hits-m365-accounts-poc-for-ivanti-endpoint-manager-vulnerabilities-released/
-
2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks
in SecurityNews
Tags: cyber, cyberattack, cybersecurity, data-breach, exploit, flaw, government, infrastructure, ivanti, network, risk, vpn, vulnerability
A sweeping cybersecurity alert has emerged as researchers identify 2,850+ unpatched Ivanti Connect Secure devices worldwide, leaving organizations vulnerable to exploitation through the critical flaw designated CVE-2025-22467. The findings, published by cybersecurity watchdog Shadowserver Foundation, reveal systemic risks to virtual private network (VPN) infrastructures relied upon by enterprises and government agencies for secure remote access. Vulnerability Scope and…
-
PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
in SecurityNews
A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/24/poc-exploit-for-ivanti-endpoint-manager-vulnerabilities-released-cve-2024-13159/
-
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
in SecurityNews
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC. This vulnerability, disclosed in January 2025, had already been actively exploited since late December 2024, prior to its public announcement. The malware, an evolved variant of the SPAWN family, integrates…
-
Ivanti Issues Updates to Fix Critical Vulnerabilities
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-issues-updates-to-fix-critical-vulnerabilities
-
Ivanti fixes 4 critical flaws, including CVSS 9.9 in Connect Secure
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/ivanti-fixes-4-critical-flaws-including-cvss-9-9-in-connect-secure