| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Krustyloader | Unspecified | 2 | KrustyLoader is a malicious software (malware) that has emerged as a significant threat to both Windows and Linux systems. This backdoor malware, known for its disruptive capabilities, can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Unc5221 | Unspecified | 2 | UNC5221, a threat actor linked to China, has been identified as the group behind recent cyberattacks involving new malware specifically designed to exploit vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. The discovery was made by Mandiant researchers who observed the deployme |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2023-46805 | Unspecified | 6 | CVE-2023-46805 is a significant software vulnerability discovered in the web component of all supported versions of Ivanti Connect Secure and Ivanti Policy Secure (versions 9.x and 22.x). This flaw, which allows for authentication bypass, was first brought to the attention of the Cyber Centre on Jan |
| CVE-2024-21893 | Unspecified | 2 | CVE-2024-21893 is a server-side request forgery (SSRF) vulnerability, a flaw in software design or implementation within Ivanti's products. This particular vulnerability has been exploited in targeted attacks as a zero-day, which means it was used by attackers before the vendor became aware of and p |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| CISA | 10 days ago | Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations | CISA | |
| CERT-EU | 8 months ago | Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families | |
| Malwarebytes | 8 months ago | Ivanti vulnerabilities now actively exploited in massive numbers | |
| CERT-EU | 6 months ago | Ivanti follows CISA warning with new protection tool | |
| CERT-EU | 6 months ago | Magnet Goblin hackers used Ivanti bugs to drop custom Linux malware | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | |
| InfoSecurity-magazine | 2 months ago | CISA Urges Software Makers to Eliminate OS Command Injection Flaws | |
| CISA | 2 months ago | CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities | CISA | |
| InfoSecurity-magazine | 2 months ago | Cyber Attackers Turn to Cloud Services to Deploy Malware | |
| DARKReading | 2 months ago | Threat Actor May Have Accessed Sensitive Info on CISA Chemical App | |
| Fortinet | 2 months ago | The Growing Threat of Malware Concealed Behind Cloud Services | FortiGuard Labs | |
| Securityaffairs | 2 months ago | CISA confirmed that CSAT environment was breached in January | |
| Securityaffairs | 4 months ago | Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs | |
| Securityaffairs | 4 months ago | MITRE attributes the recent attack to China-linked UNC5221 | |
| Unit42 | 5 months ago | It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise | |
| InfoSecurity-magazine | 5 months ago | Chinese Groups Deploy New TTPs to Exploit Ivanti Vulnerabilities | |
| Securityaffairs | 5 months ago | Ivanti fixed for 4 new issues in Connect Secure and Policy Secure | |
| DARKReading | 6 months ago | Ivanti Keeps Security Teams Scrambling With 2 More Vulns | |
| Securityaffairs | 6 months ago | Ivanti urges customers to fix critical RCE flaw in Standalone Sentry | |
| CERT-EU | 6 months ago | Cyber Security Week in Review: March 15, 2024 | |
| CERT-EU | 6 months ago | Risk & Repeat: CISA hacked via Ivanti vulnerabilities | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |