Tag: ivanti

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

Jan 9, 2025 2:20 PM

Tags: attack, exploit, ivanti, mandiant, vulnerability, zero-day

The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/09/ivanti-cve-2025-0282-zero-day-attacks-indicators-of-compromise/
Zero-Day Patch Alert: Ivanti Connect Secure Under Attack

Jan 9, 2025 1:18 PM

Tags: attack, china, exploit, ivanti, malware, update, vpn, vulnerability, zero-day

Suspected Chinese Attackers Again Tied to Active Exploitation of VPN Appliances. VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them to flush any malware attackers may have installed. First seen on…
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies

Jan 9, 2025 12:18 PM

Tags: china, cloud, cve, exploit, google, ivanti, mandiant, vpn, zero-day

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies. The post Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploitation-of-new-ivanti-vpn-zero-day-linked-to-chinese-cyberspies/
Critical Ivanti Zero-Day Exploited in the Wild

Jan 9, 2025 11:18 AM

Tags: exploit, ivanti, update, zero-day

Ivanti customers are urged to patch two new bugs in the security vendor’s products, one of which is being actively exploited First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-ivanti-zeroday-exploited/
Ivanti Connect Secure: Angreifer attackieren kritische Sicherheitslücke

Jan 9, 2025 9:18 AM

Tags: bug, ivanti

Ivanti warnt vor aktiven Angriffen auf Ivanti Secure Connect-Systeme. Durch Codeschmuggel können Netzwerke kompromittiert werden. First seen on heise.de Jump to article: www.heise.de/news/Ivanti-Connect-Secure-Angreifer-attackieren-kritische-Sicherheitsluecke-10233099.html
Ivanti 0-Day Vulnerability Exploited in Wild-Patch Now

Jan 9, 2025 7:18 AM

Tags: advisory, cve, cyber, exploit, ivanti, update, vulnerability, zero-day

Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of two significant vulnerabilities, CVE-2025-0282 and CVE-2025-0283, which have been exploited in the wild, necessitating immediate action from users. Critical Vulnerability: CVE-2025-0282 CVE-2025-0282 is a stack-based buffer overflow vulnerability that affects Ivanti…
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Jan 9, 2025 7:18 AM

Tags: cve, exploit, flaw, ivanti, vulnerability

Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024.The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2…
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day

Jan 9, 2025 5:18 AM

Tags: advisory, apt, attack, authentication, cve, cvss, cybersecurity, data-breach, exploit, flaw, google, government, group, intelligence, Internet, ivanti, law, mandiant, microsoft, network, rce, remote-code-execution, risk, software, threat, tool, vpn, vulnerability, zero-day

IT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices.The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of 9.0.…
Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

Jan 9, 2025 5:18 AM

Tags: cve, espionage, exploit, ivanti, threat, vpn, vulnerability, zero-day

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly disclosed First seen on securityonline.info Jump to article: securityonline.info/zero-day-alert-unc5337-exploits-ivanti-vpn-vulnerability-cve-2025-0282-for-espionage-operations/
CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild

Jan 8, 2025 11:18 PM

Tags: access, advisory, attack, authentication, cve, exploit, flaw, group, injection, ivanti, malware, ransomware, remote-code-execution, threat, tool, update, vulnerability, zero-day, zero-trust

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day. Background On January 8, Ivanti published a security advisory for two vulnerabilities affecting multiple products including Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for Zero…
Ivanti warns hackers are exploiting new vulnerability

Jan 8, 2025 10:19 PM

Tags: advisory, cve, exploit, hacker, ivanti, vulnerability

The company released an advisory and a corresponding blog about two bugs, CVE-2025-0282 and CVE-2025-0283, and warned that some customers have already seen CVE-2025-0282 exploited in their environments.]]> First seen on therecord.media Jump to article: therecord.media/ivanti-warns-of-hackers-exploiting-new-vulnerability
Ivanti warns of new Connect Secure flaw used in zero-day attacks

Jan 8, 2025 10:19 PM

Tags: attack, cve, exploit, flaw, ivanti, malware, remote-code-execution, vulnerability, zero-day

Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-flaw-used-in-zero-day-attacks/
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product

Jan 8, 2025 9:19 PM

Tags: attack, exploit, flaw, ivanti, zero-day

Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line. The post Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-warns-of-new-zero-day-attacks-hitting-connect-secure-product/
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Jan 8, 2025 9:19 PM

Tags: exploit, ivanti, vulnerability, zero-day

Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/08/ivanti-exploited-connect-secure-zero-day-cve-2025-0282-cve-2025-0283/
Top 12 ways hackers broke into your systems in 2024

Dec 31, 2024 8:27 AM

Tags: access, adobe, ai, api, apt, attack, authentication, backdoor, breach, business, china, cloud, control, corporate, credentials, cve, cvss, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, finance, flaw, fortinet, government, group, hacker, healthcare, identity, infection, injection, Internet, iran, ivanti, jobs, malicious, malware, mfa, microsoft, mitigation, mobile, moveIT, north-korea, okta, open-source, phishing, pypi, ransomware, rce, remote-code-execution, risk, russia, scam, software, sql, strategy, supply-chain, tactics, theft, tool, unauthorized, update, vpn, vulnerability, zero-day

In 2024, hackers had a field day finding sneaky ways into systems, from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices.”While every year brings new…
The 2024 cyberwar playbook: Tricks used by nation-state actors

Dec 25, 2024 7:43 AM

Tags: access, ai, apt, at&t, attack, authentication, backdoor, blizzard, botnet, breach, china, cisa, cloud, control, credentials, cve, cvss, cyber, cybersecurity, data, ddos, defense, detection, email, espionage, exploit, flaw, fortinet, google, government, group, hacker, hacking, healthcare, india, infrastructure, iran, ivanti, linux, login, malicious, malware, mfa, microsoft, mobile, network, offense, office, open-source, password, phishing, powershell, remote-code-execution, router, russia, service, social-engineering, software, spear-phishing, spy, strategy, supply-chain, tactics, theft, threat, tool, unauthorized, update, vpn, vulnerability, warfare, windows, worm, zero-day

In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless, they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.”There was definitely a continued and noted uptick in nation-state activity in…
Top 7 zero-day exploitation trends of 2024

Dec 23, 2024 10:42 AM

Tags: access, ai, attack, authentication, backdoor, botnet, breach, bug-bounty, business, china, ciso, cloud, computing, control, corporate, cve, cyberespionage, cybersecurity, data, data-breach, defense, email, endpoint, exploit, firewall, flaw, framework, github, google, government, group, hacker, identity, infrastructure, injection, Internet, ivanti, kev, leak, linux, malicious, malware, ml, monitoring, moveIT, network, north-korea, open-source, password, programming, pypi, ransomware, remote-code-execution, risk, service, software, sql, supply-chain, tool, training, unauthorized, update, vpn, vulnerability, windows, zero-day

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems.But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a timely…
CVSS 10.0 – Alarmstufe Rot für die Cloud Services Application von Ivanti

Dec 17, 2024 7:44 AM

Tags: cloud, cvss, ivanti, service

First seen on security-insider.de Jump to article: www.security-insider.de/ivanti-cloud-services-sicherheitsupdate-a-af37ebf25237d03e0e394e141d611278/
Sicherheitslücken/Schadsoftware, Hacks (Dez. 2024): Windows, 7-Zip, Ivanti etc.

Dec 14, 2024 11:05 PM

Tags: cloud, exploit, ivanti, mfa, software, vulnerability, windows

Noch ein kleiner Sammelbeitrag zu Schwachstellen in diversen Produkten wie Windows, Ivanti Cloud-Apps, 7-Zip, Windows 9-Days, Dell Software, und mehr. Manche Schwachstellen sind gepatcht, für andere gibt es ein Exploit oder sie werden ausgenutzt. Weiterhin konnten Sicherheitsforscher die MFA für … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/14/sicherheitsluecken-und-schadsoftware-dez-2024-7-zip-ivanti/
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Dec 11, 2024 5:36 AM

Tags: authentication, cloud, cve, flaw, ivanti, service, update, vulnerability

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.The list of vulnerabilities is as follows -CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that…
Ivanti warns of maximum severity CSA auth bypass vulnerability

Dec 10, 2024 9:09 PM

Tags: authentication, cloud, ivanti, service, vulnerability

Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/
Security Pros Positive About GenAI in Cyber, Despite Raising Attack Severity

Dec 3, 2024 2:48 PM

Tags: ai, attack, cyber, cybersecurity, ivanti

Ivanti research found that security professionals are eight-times more likely to say GenAI is a net positive versus a net negative for cybersecurity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-pros-genai-attack/
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time

Dec 1, 2024 1:19 AM

Tags: cve, detection, ivanti, rce, remote-code-execution, threat

Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by Yann Lehmann) Summary Ivanti Connect Secure (ICS) and … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/01/11/ivanti-connect-secure-policy-secure-cve-2023-46805-cve-2024-21887-combine-for-unauthenticated-rce/
Ivanti Patches 50 Vulnerabilities Across Several Products

Nov 13, 2024 1:53 PM

Tags: access, endpoint, ivanti, vulnerability

Ivanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client. The post Ivanti Patches 50 Vulnerabilities Across Several Products appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-patches-50-vulnerabilities-across-several-products/
Ivanti Warns of Critical Vulnerabilities in Connect Secure, Policy Secure Secure Access

Nov 13, 2024 11:54 AM

Tags: access, cyber, exploit, ivanti, service, update, vulnerability

Ivanti, the well-known provider of IT asset and service management solutions, has issued critical security updates for its products Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC). These updates address multiple vulnerabilities, including medium, high, and critical severity issues, which, if exploited, could lead to denial of service (DoS), privilege escalation, and…
Ivanti patcht Endpoint Manager, Avalanche, VPN- und NAC-Software

Nov 13, 2024 11:54 AM

Tags: endpoint, ivanti, software, vpn

Ivanti bessert zahlreiche, teils kritische Sicherheitslücken in diversen Produkten aus. IT-Verwantwortliche sollten aktiv werden. First seen on heise.de Jump to article: www.heise.de/news/Ivanti-patcht-Endpoint-Manager-Avalanche-VPN-und-NAC-Software-10030118.html
Ivanti zero-day vulnerabilities exploited in chained attack

Nov 8, 2024 5:01 PM

Tags: attack, cloud, cve, exploit, flaw, ivanti, service, vulnerability, zero-day

The new exploit chains targeting Ivanti Cloud Service Application customers are connected to a previously disclosed critical path traversal flaw, CVE-… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613041/Ivanti-zero-day-vulnerabilities-exploited-in-chained-attack
New infosec products of the week: October 25, 2024

Oct 28, 2024 4:56 PM

Tags: ibm, infosec, ivanti

Here’s a look at the most interesting products from the past week, featuring releases from Fastly, IBM, Ivanti, Kusari, and Nucleus Security. IBM Guar… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/25/new-infosec-products-of-the-week-october-25-2024/
More Ivanti vulnerabilities exploited in the wild

Oct 25, 2024 3:55 PM

Tags: attack, cloud, exploit, flaw, ivanti, threat, vulnerability

Three vulnerabilities in Ivanti products have come under attack by unknown threat actors in recent weeks, including two flaws in the company’s Cloud S… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366611897/More-Ivanti-vulnerabilities-exploited-in-the-wild
Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

Oct 23, 2024 9:26 PM

Tags: cloud, exploit, flaw, ivanti, network, service, zero-day

A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a … First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/nation-state-attackers-exploiting.html