State-sponsored hackers know enterprise VPN appliances inside out

Suspected Chinese state-sponsored hackers who have been leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of the appliance”, according to Mandiant incident responders and threat hunters. They were able to perform a number of modifications on the device and deploy specialized malware and plugins aimed at achieving persistence across system upgrades, patches, and factory resets. “While the limited attempts observed to maintain persistence have not been … More →

The post …

attacks breach chinese connect connect secure cyber espionage deploy device don't miss enterprise flaws fortinet government-backed attacks hackers hot stuff hunters incident incident responders ivanti ivanti connect secure ivanti connect secure vpn malware mandiant modifications organizations secure vpn sponsored state state-sponsored hackers threat threat intelligence understanding vpn