cognitive cybersecurity intelligence

Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been exploiting two zero-day vulnerabilities in Ivanti Connect Secure for espionage since December. The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, allow authentication bypass and arbitrary command injection on affected systems. The threat actor behind these attacks, known as UNC5221, employs tools that plant malware, steal credentials, and drop payloads. Although no security update is available yet for the vulnerabilities, Ivanti offers mitigation measures.

Source: www.bleepingcomputer.com
