Chinese Group Runs Highly Persistent Ivanti 0-Day Exploits

UNC5325 Can Remain in Hacked Devices Despite Factory Reset and Patches
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.

0-day exploits actor can chinese connect connect secure devices exploiting exploits factory hacked intelligence ivanti ivanti connect secure ivanti connect secure vpn living off the land mandiant patches persistent reset secure vpn system techniques threat threat actor threat actors threat intelligence vpn vulnerability