all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

Add to bookmarks
Jan. 31, 2024, 7:23 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool.
The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused

adversary adversary simulation called chinese chinese hackers connect cve cve-2023-46805 cve-2024-21887 cvss cvss score deploy devices exploited exploiting flaws hackers ics ivanti ivanti connect secure malware network payload private private network rust score security simulation sliver tool virtual virtual private network vpn vulnerabilities zero-day zero-day flaws

Visit resource

More from thehackernews.com / The Hacker News

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities 1 day, 23 hours ago | thehackernews.com
actor apt28 campaign cyber +24
Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back 2 days, 19 hours ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications 2 days, 19 hours ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 2 days, 21 hours ago | thehackernews.com
address applications business corporate +15
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources 2 days, 22 hours ago | thehackernews.com
advisory agency alert cybersecurity +22
Google Announces Passkeys Adopted by Over 400 Million Accounts 3 days, 1 hour ago | thehackernews.com
accounts easy fingerprint google +8
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks 3 days, 3 hours ago | thehackernews.com
address aruba aruba networks arubaos +34
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw 3 days, 17 hours ago | thehackernews.com
android android apps app applications +32
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 3 days, 19 hours ago | thehackernews.com
attacks hacker national pay +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com
View more jobs