Tag: ivanti
-
New and old vulnerabilities closed: Day vulnerabilities in Ivanti Connect Secure VPN
First seen on security-insider.de Jump to article: www.security-insider.de/ivanti-warnung-schwachstellen-connect-secure-policy-secure-gateways-a-9747fc7b8fdd216f06cdda657ca04150/
-
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident
-
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/12/week-in-review-exploited-ivanti-connect-secure-zero-day-patch-tuesday-forecast/
-
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways
Ivanti has issued a critical security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products. First seen on hackread.com Jump to article: hackread.com/ivanti-patch-flaws-connect-secure-policy-secure-zta-gateways/
-
Alert of Buffer Overflow Vulnerabilities in Multiple Ivanti Products (CVE-2025-0282)
Overview Recently, NSFOCUS detected that Ivanti issued a security announcement and fixed buffer overflow vulnerabilities (CVE-2025-0282) in several products of Ivanti. Due to the stack-based buffer overflow in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways, an unauthenticated attacker can trigger a buffer overflow by sending specially crafted packets allowing arbitrary…The…
-
Mandiant links Ivanti zero-day exploitation to Chinese hackers
Mandiant warned users to be prepared for widespread exploitation of CVE-2025-0282 as Ivanti products have become a popular target for attackers in recent years. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617826/Mandiant-links-Ivanti-zero-day-exploitation-to-Chinese-hackers
-
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks, exploiting…
-
Ivanti zero-day attacks infected devices with custom malware
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/
-
Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware
In-the-wild attacks tamper with built-in security tool to suppress infection warnings. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/ivanti-vpn-users-are-getting-hacked-by-actors-exploiting-a-critical-vulnerability/
-
Chinese spies targeting new Ivanti vulnerability, Mandiant says
A recently discovered bug in Ivanti’s Connect Secure VPN appears to be a target for malware previously only deployed by China-based hackers, say researchers for Google’s Mandiant team. First seen on therecord.media Jump to article: therecord.media/china-espionage-ivanti-vulnerabilities-mandiant
-
Active exploitation of Ivanti Connect Secure zero-day ongoing
First seen on scworld.com Jump to article: www.scworld.com/brief/active-exploitation-of-ivanti-connect-secure-zero-day-ongoing
-
Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability
Software maker Ivanti, which for more than a year has been plagued by security flaws in its appliance, unveiled two new ones this week, with Mandiant researchers saying that one likely is being actively exploited by China-linked threat groups. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/chinese-linked-hackers-may-be-exploiting-latest-ivanti-vulnerability/
-
Ivanti customers confront new zero-day with suspected nation-state nexus
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ivanti-zero-day-attacks/736932/
-
New zero-day exploit targets Ivanti VPN product
Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group. First seen on cyberscoop.com Jump to article: cyberscoop.com/ivanti-vpn-vulnerabilities-zero-day-exploit-china-cisa/
-
Ivanti VPN Attacks Started In Mid-December, May Have Links To China: Mandiant
Researchers at Google Cloud-owned Mandiant say that the exploitation of a critical Ivanti Connect Secure vulnerability began in December 2024 and may be connected to a China-based threat group. First seen on crn.com Jump to article: www.crn.com/news/security/2025/ivanti-vpn-attacks-started-in-mid-december-may-have-links-to-china-mandiant
-
Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/
-
Ivanti Discloses Exploitation Of ‘Critical’ VPN Vulnerability
Ivanti’s Connect Secure VPN is vulnerable to a critical-severity zero-day vulnerability that has been exploited in attacks as well as a second, high-severity flaw, the company says. First seen on crn.com Jump to article: www.crn.com/news/security/2025/ivanti-discloses-exploitation-of-critical-vpn-vulnerability
-
Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Factory resets and apply patches is the advice amid fortnight delay for other appliances First seen on theregister.com Jump to article: www.theregister.com/2025/01/09/zeroday_exploits_ivanti/
-
Critical Ivanti Connect Secure zero-day flaw under attack
Although Ivanti has seen exploitation of CVE-2025-0282 in only Ivanti Connect Secure instances, Ivanti Policy Secure and ZTA gateways are also vulnerable to the flaw. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617819/Critical-Ivanti-Connect-Secure-zero-day-flaw-under-attack
-
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/09/hackers-are-exploiting-a-new-ivanti-vpn-security-bug-to-hack-into-company-networks/
-
U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti Connect Secure Vulnerability, tracked as CVE-2025-0282 (CVSS score: 9.0) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability Ivanti impacted Ivanti Connect…
-
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/09/ivanti-cve-2025-0282-zero-day-attacks-indicators-of-compromise/
-
Zero-Day Patch Alert: Ivanti Connect Secure Under Attack
Suspected Chinese Attackers Again Tied to Active Exploitation of VPN Appliances. VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them to flush any malware attackers may have installed. First seen on…
-
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies. The post Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploitation-of-new-ivanti-vpn-zero-day-linked-to-chinese-cyberspies/
-
Critical Ivanti Zero-Day Exploited in the Wild
Ivanti customers are urged to patch two new bugs in the security vendor’s products, one of which is being actively exploited. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-ivanti-zeroday-exploited/
-
Ivanti Connect Secure: Attackers target critical security vulnerability
Ivanti warns of active attacks on Ivanti Secure Connect systems. Networks can be compromised through code injection. First seen on heise.de Jump to article: www.heise.de/news/Ivanti-Connect-Secure-Angreifer-attackieren-kritische-Sicherheitsluecke-10233099.html
-
Ivanti 0-Day Vulnerability Exploited in Wild-Patch Now
Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of two significant vulnerabilities, CVE-2025-0282 and CVE-2025-0283, which have been exploited in the wild, necessitating immediate action from users. Critical Vulnerability: CVE-2025-0282 CVE-2025-0282 is a stack-based buffer overflow vulnerability that affects Ivanti…

