Ivanti Connect Secure has two zero-day vulnerabilities exploited by threat actors, likely from China, enabling them to execute commands on appliances. Ivanti has released mitigations with patches due in late January. Over 7,000 vulnerable instances have been identified, mainly in the US, Japan and Europe. The attacker, UNC5221, aims at espionage, using diverse malware to maintain access to compromised systems.
Watch for a letter from Change Healthcare
A data breach at CHC, a service provider for health organizations, has allowed cybercriminals access to personal data including names, addresses, and health insurance details