all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

Add to bookmarks
Feb. 1, 2024, 7:43 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices.
This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE.
"CHAINLINE is a Python web shell backdoor that is

actor attacks china connect devices espionage exploitation exploiting google ivanti ivanti connect secure ivanti connect secure vpn ivanti vpn malware mandiant nexus policy post-exploitation secure devices secure vpn shells targeting threat threat actor threat groups vpn vulnerabilities warning web web shells

Visit resource

More from thehackernews.com / The Hacker News

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw 11 hours ago | thehackernews.com
android android apps app applications +32
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 13 hours ago | thehackernews.com
attacks hacker national pay +10
When is One Vulnerability Scanner Not Enough? 15 hours ago | thehackernews.com
antivirus antivirus software benefits concept +18
Dropbox Discloses Breach of Digital Signature Service Affecting All Users 15 hours ago | thehackernews.com
account breach breached cloud +23
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw 15 hours ago | thehackernews.com
attackers attacks botnet called +18
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability 19 hours ago | thehackernews.com
account account takeover agency catalog +28
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials 20 hours ago | thehackernews.com
authentication called cloud connections +24
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds 1 day, 11 hours ago | thehackernews.com
analysis bitcoin blockchain clusters +19
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers 1 day, 12 hours ago | thehackernews.com
android android devices android malware binary +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs