all InfoSec news
Ivanti Connect Secure VPN Exploitation: New Observations
Malware Analysis, News and Indicators - Latest topics malware.news
On January 15, 2024, Volexity detailed widespread exploitation of Ivanti Connect Secure VPN vulnerabilities CVE-2024-21887 and CVE-2023-46805. In that blog post, Volexity detailed broader scanning and exploitation by threat actors using still non-public exploits to compromise numerous devices. The following day, January 16, 2023, proof-of-concept code for the exploit was made public by Rapid7. Subsequently, Volexity has observed an increase in attacks from various threat actors against Ivanti Connect Secure VPN appliances beginning the same day.
Additionally, Volexity has …
blog blog post code compromise concept connect cve cve-2023-46805 cve-2024-21887 devices exploit exploitation exploits ivanti ivanti connect secure ivanti connect secure vpn january non proof proof-of-concept public scanning secure vpn threat threat actors volexity vpn vulnerabilities