all InfoSec news
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
Malware Analysis, News and Indicators - Latest topics malware.news
Mandiant and Ivanti's investigations into widespread Ivanti zero-day exploitation have continued across a variety of industry verticals, including the U.S. defense industrial base sector. Following the initial publication on Jan. 10, 2024, Mandiant observed mass attempts to exploit these vulnerabilities by a small number of China-nexus threat actors, and development of a mitigation bypass exploit targeting CVE-2024-21893 used by UNC5325, which we introduced in our "Cutting Edge, Part 2" blog post.
Notably, Mandiant has identified UNC5325 using a …
base china connect connect secure cutting defense defense industrial base edge exploit exploitation industrial industrial base industry investigations ivanti ivanti connect secure ivanti connect secure vpn mandiant nexus persistence sector secure vpn threat verticals vpn vulnerabilities zero-day