• progress_activity cloud_sync

    Reconnection to the server…

    Movim cannot talk with the server, please try again later


    • Public subscriptions

    • chevron_right

      coopr8

    • chevron_right

      gabagoo

    • chevron_right

      kenu_demon

    • chevron_right

      coopr8

    • chevron_right

      gabagoo

    • chevron_right

      kenu_demon

    • chevron_right

      coopr8

    • chevron_right

      gabagoo

    • chevron_right

      kenu_demon

  • Register Login

    Movim

    movim.chatterboxtown.us


  • group_work rss_feed
    add Follow

    ArsTechnica

    • Ar chevron_right

      Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

      news.movim.eu / ArsTechnica • 9 January 2025

    Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.

    Hardware maker Ivanti disclosed the vulnerability, tracked as CVE-2025-0283, on Wednesday and warned that it was under active exploitation against some customers. The vulnerability, which is being exploited to allow hackers to execute malicious code with no authentication required, is present in the company’s Connect Secure VPN, and Policy Secure & ZTA Gateways. Ivanti released a security patch at the same time. It upgrades Connect Secure devices to version 22.7R2.5.

    Well-written, multifaceted

    According to Google-owned security provider Mandiant, the vulnerability has been actively exploited against “multiple compromised Ivanti Connect Secure appliances” since December, a month before the then zero-day came to light. After exploiting the vulnerability, the attackers go on to install two never-before-seen malware packages, tracked under the names DRYHOOK and PHASEJAM on some of the compromised devices.

    Read full article

    Comments

    • tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity

    • Pictures 3 image

    • visibility
    • visibility
    • visibility
    • Ar chevron_right

      Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

      news.movim.eu / ArsTechnica • 9 January 2025

    Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.

    Hardware maker Ivanti disclosed the vulnerability, tracked as CVE-2025-0283, on Wednesday and warned that it was under active exploitation against some customers. The vulnerability, which is being exploited to allow hackers to execute malicious code with no authentication required, is present in the company’s Connect Secure VPN, and Policy Secure & ZTA Gateways. Ivanti released a security patch at the same time. It upgrades Connect Secure devices to version 22.7R2.5.

    Well-written, multifaceted

    According to Google-owned security provider Mandiant, the vulnerability has been actively exploited against “multiple compromised Ivanti Connect Secure appliances” since December, a month before the then zero-day came to light. After exploiting the vulnerability, the attackers go on to install two never-before-seen malware packages, tracked under the names DRYHOOK and PHASEJAM on some of the compromised devices.

    Read full article

    Comments

    • tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity

    • Pictures 3 image

    • visibility
    • visibility
    • visibility
    • Ar chevron_right

      Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

      news.movim.eu / ArsTechnica • 9 January 2025

    Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.

    Hardware maker Ivanti disclosed the vulnerability, tracked as CVE-2025-0283, on Wednesday and warned that it was under active exploitation against some customers. The vulnerability, which is being exploited to allow hackers to execute malicious code with no authentication required, is present in the company’s Connect Secure VPN, and Policy Secure & ZTA Gateways. Ivanti released a security patch at the same time. It upgrades Connect Secure devices to version 22.7R2.5.

    Well-written, multifaceted

    According to Google-owned security provider Mandiant, the vulnerability has been actively exploited against “multiple compromised Ivanti Connect Secure appliances” since December, a month before the then zero-day came to light. After exploiting the vulnerability, the attackers go on to install two never-before-seen malware packages, tracked under the names DRYHOOK and PHASEJAM on some of the compromised devices.

    Read full article

    Comments

    • tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity tagbiz & it tagbiz & it tagbiz & it tagsecurity tagsecurity tagsecurity

    • Pictures 3 image

    • visibility
    • visibility
    • visibility
  • cloud_queue

    Powered by Movim