Multiple malware used in attacks exploiting Ivanti VPN flaws

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices.

Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti …

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader.

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) …

文 » A