Tag: ivanti
-
Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/02/week-in-review-botnet-hits-m365-accounts-poc-for-ivanti-endpoint-manager-vulnerabilities-released/
-
2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks
in SecurityNews
Tags: cyber, cyberattack, cybersecurity, data-breach, exploit, flaw, government, infrastructure, ivanti, network, risk, vpn, vulnerability
A sweeping cybersecurity alert has emerged as researchers identify 2,850+ unpatched Ivanti Connect Secure devices worldwide, leaving organizations vulnerable to exploitation through the critical flaw designated CVE-2025-22467. The findings, published by cybersecurity watchdog Shadowserver Foundation, reveal systemic risks to virtual private network (VPN) infrastructures relied upon by enterprises and government agencies for secure remote access. Vulnerability Scope and…
-
PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
in SecurityNews
A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/24/poc-exploit-for-ivanti-endpoint-manager-vulnerabilities-released-cve-2024-13159/
-
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
in SecurityNews
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC. This vulnerability, disclosed in January 2025, had already been actively exploited since late December 2024, prior to its public announcement. The malware, an evolved variant of the SPAWN family, integrates…
-
Ivanti Issues Updates to Fix Critical Vulnerabilities
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-issues-updates-to-fix-critical-vulnerabilities
-
Ivanti fixes 4 critical flaws, including CVSS 9.9 in Connect Secure
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/ivanti-fixes-4-critical-flaws-including-cvss-9-9-in-connect-secure
-
Breach Roundup: Microsoft Patches Two Zero-Days in February
in SecurityNews
Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User Emails. This week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-microsoft-patches-two-zero-days-in-february-a-27515
-
CISA, FBI call software with buffer overflow issues ‘unforgivable’
in SecurityNews
Microsoft, VMWare, Ivanti flaws called out: The feds highlighted a list of buffer overflow bugs affecting leading vendors like Microsoft, Ivanti, VMWare, Citrix and RedHat, ranging from high to critical severity, and some already having in-the-wild exploits. The list included two Microsoft flaws that could allow local attackers in container-based environments to gain system privileges (CVE-2025-21333),…
-
Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content
in SecurityNews
A series of critical vulnerabilities affecting Ivanti Cloud Service Appliance (CSA) 4.6 have been actively exploited in the First seen on securityonline.info Jump to article: securityonline.info/chinese-hackers-suspected-in-ivanti-csa-attacks-webshells-and-lateral-movement-detected-sources-and-related-content/
-
Ivanti ICS, IPS, ISAC, CSA: Multiple Vulnerabilities Disclosed and Patched
in SecurityNews
Summary: Ivanti has released security updates addressing nine vulnerabilities affecting Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC), and Ivanti First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/02/12/ivanti-ics-ips-isac-csa-multiple-vulnerabilities-disclosed-and-patched/
-
Ivanti fixes three critical flaws in Connect Secure & Policy Secure
in SecurityNews
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-fixes-three-critical-flaws-in-connect-secure-and-policy-secure/
-
Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware
in SecurityNews
Tags: cve, cvss, cyber, cybersecurity, exploit, flaw, hacker, ivanti, malware, remote-code-execution, vulnerability, zero-day
In a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in Ivanti Connect Secure (ICS) appliances, tracked as CVE-2025-0282. This zero-day vulnerability, a stack-based buffer overflow with a CVSS score of 9.0, has been leveraged by attackers to deploy the advanced SPAWNCHIMERA malware. The flaw permits unauthenticated remote code execution, enabling…
-
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
in SecurityNews
Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-fortinet-patch-remote-code-execution-vulnerabilities/
-
Critical Code-Smuggling Vulnerabilities in VPN and CSA
in SecurityNews
Critical security holes gape in Ivanti's VPN software ICS, IPS and ISAC as well as in Ivanti CSA. Attackers can slip in malicious code. First seen on heise.de Jump to article: www.heise.de/news/Ivanti-Kritische-Codeschmuggel-Luecken-in-VPN-und-CSA-10279170.html
-
Critical Ivanti CSA Vulnerability Allows Attackers Remote Code Execution to Gain Restricted Access
in SecurityNews
A critical vulnerability has been discovered in the Ivanti Cloud Services Application (CSA), potentially allowing attackers to execute remote code and access restricted functionality. Ivanti has released an urgent security update to address the issues, tracked as CVE-2024-47908 and CVE-2024-11771, urging customers to upgrade to version 5.0.5 to mitigate the threat. The two vulnerabilities affect…
-
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure Update Now
in SecurityNews
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) – External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and…
-
Attackers Use 2.8 Million Devices in Major Brute Force Attack
Threat actors are using as many as 2.8 million edge and IoT devices from around the world in a massive brute force attack that is targeting edge security systems from Palo Alto Networks, Ivanti, SonicWall, and other vendors, according to the Shadowserver Foundation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/attackers-use-2-8-million-devices-in-major-brute-force-attack/
-
Edge Devices Face Surge in Mass Brute-Force Password Attacks
Scale of Long-Running Attacks ‘Unprecedented,’ Warns The Shadowserver Foundation. Honeypots designed to track malicious internet activity have detected a surge in brute-force password login attempts against edge devices, and especially – but not exclusively – targeting equipment manufactured by Palo Alto Networks, Ivanti and SonicWall, said The Shadowserver Foundation. First seen on govinfosecurity.com Jump to…
-
Massive brute force attack uses 2.8 million IPs to target VPN devices
in SecurityNews
A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-brute-force-attack-uses-28-million-ips-to-target-vpn-devices/
-
Ivanti Vulns Chained Together in Cyberattack Onslaught
in SecurityNews
The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cisa-ivanti-vulns-chained-attacks
-
CISA, FBI Examine Ivanti CSA Exploit Chains
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-fbi-examine-ivanti-csa-exploit-chains
-
Ivanti CSA exploit chains examined in joint CISA, FBI advisory
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-csa-exploit-chains-examined-in-joint-cisa-fbi-advisory
-
Ivanti zero-days chained together in at least 3 attacks, authorities warn
in SecurityNews
The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ivanti-zero-days-chained-attacks/738130/
-
Hackers still exploiting older Ivanti bugs to breach networks
in SecurityNews
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-hackers-still-exploiting-older-ivanti-bugs-to-breach-networks/
-
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
in SecurityNews
Tags: cloud, credentials, exploit, ivanti, rce, remote-code-execution, service, theft, threat, vulnerability
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-fbi-warn-chained-attacks/
-
Chinese threat actors used two advanced exploit chains to hack Ivanti CSA
in SecurityNews
US agencies revealed Chinese threat actors used two advanced exploit chains to breach Ivanti Cloud Service Appliances (CSA). The US government’s cybersecurity and law enforcement revealed that Chinese threat actors used at least two sophisticated exploit chains to compromise Ivanti Cloud Service Appliances (CSA). CISA and FBI published a joint advisory warning that Chinese hackers…
-
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know
in SecurityNews
The US government shared exploit chains, IOCs and post-incident forensics data to help network defenders hunt for signs of Chinese hacking gangs. The post FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fbi-cisa-share-details-on-ivanti-exploits-chains-what-network-defenders-need-to-know/
-
CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks
in SecurityNews
Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products: CVE-2025-0282 and CVE-2025-0283. First seen on securityonline.info Jump to article: securityonline.info/cl-unk-0979-exploit-zero-day-flaw-in-ivanti-connect-secure-to-gain-access-to-networks/
-
US hits back against China’s Salt Typhoon group
in SecurityNews
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability
The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
PoC Exploit Released for Ivanti Connect Secure RCE Vulnerability
in SecurityNews
A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables remote unauthenticated attackers to execute arbitrary code. As of January 8, 2025, Ivanti has acknowledged the existence of this stack-based buffer overflow vulnerability found in versions before 22.7R2.5. This vulnerability is particularly concerning due to its high attack vector stemming from…