all InfoSec news
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
Malware Analysis, News and Indicators - Latest topics malware.news
Volexity has uncovered active in-the-wild exploitation of two vulnerabilities allowing unauthenticated remote code execution in Ivanti Connect Secure VPN devices. An official security advisory and knowledge base article have been released by Ivanti that includes mitigation that should be applied immediately. However, a mitigation does not remedy a past or ongoing compromise. Systems should simultaneously be thoroughly analyzed per details in this post to look for signs of a breach.
During the second week of December 2023, Volexity detected suspicious …
advisory article base code code execution connect devices exploitation ivanti knowledge knowledge base mitigation official remedy remote code remote code execution secure vpn security security advisory unauthenticated uncovered volexity vpn vulnerabilities zero-day zero-day vulnerabilities