all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

APT Group Targets Ivanti Flaws

Add to bookmarks
Jan. 12, 2024, 8:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Researchers have discovered evidence of an unidentified APT group exploiting the recently disclosed Ivanti vulnerabilities to install malware, webshells, and other malicious tools, and say the activity began well before the bugs were publicly known.


The two vulnerabilities (CVE-2023-46805 and CVE-2024-21887) affect all supported versions of the company’s Connect Secure and Pulse Secure gateway appliances and Ivanti released an advisory on Jan. 10 detailing them and said that it was aware of active exploitation against fewer than 20 of its …

apt apt group bugs connect cve cve-2023-46805 cve-2024-21887 exploiting flaws gateway install ivanti malicious malware pulse pulse secure researchers the company tools vulnerabilities webshells

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

The Impact of Cyber Attacks on the Stock Markets 14 minutes ago | malware.news
attacks companies corporate cyber +13
Note to investors and security pros: drive innovation by going on the offensive 59 minutes ago | malware.news
article cybersecurity drive innovation +10
New network to target migrant smugglers in the digital domain an hour ago | malware.news
alliance april aspect counter +17
New High-Severity Vulnerability in Apache ActiveMQ Poses Risk of Unauthorized Access: CVE-2024-32114 an hour ago | malware.news
access activemq apache apache activemq +15
My impression of Botconf 2024 2 hours ago | malware.news
analysis botconf channel dotnet +13
Top 10 Free IoC Search & Enrichment Platforms 3 hours ago | malware.news
amp assets attacks breaches +33
ISC Stormcast For Friday, May 3rd, 2024 https://isc.sans.edu/podcastdetail/8966, (Fri, May 3rd) 10 hours ago | malware.news
topic
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360 13 hours ago | malware.news
article incident incident response link +4
Critical GitLab account takeover flaw added to CISA’s KEV Catalog 14 hours ago | malware.news
account account takeover article catalog +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs