all InfoSec news
New Malware Sets Stage For Persistence in Ivanti Exploits
Malware Analysis, News and Indicators - Latest topics malware.news
As part of the continual mass exploitation activity against previously disclosed and patched Ivanti flaws, China-linked threat actors are using a new malware variant in an attempt to maintain a foothold on infected appliances across system upgrades, patches and factory resets.
While investigating exploitation efforts against one of several recent flaws in Ivanti Connect Secure and Policy Secure - a server-side request forgery bug (CVE-2024-21893) - Mandiant researchers found Chinese cyber espionage operator UNC5325 using a combination of living-off-the-land tactics …
china china-linked threat actors exploitation exploits factory flaws ivanti malware patches persistence stage system threat threat actors