cognitive cybersecurity intelligence

News and Analysis

Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been using two zero-day vulnerabilities in Ivanti Connect Secure’s systems for espionage since December. The breaches, dubbed CVE-2023-46805 and CVE-2024-21887, allow authentication bypassing and arbitrary command injection on the affected systems. The threat actor behind these attacks, known as UNC5221, employs tools that plant malware, steal credentials, and drop payloads. Although there’s no security update available yet for the vulnerabilities, Ivanti offers mitigation measures.

Source: www.bleepingcomputer.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Google: This Malware Has Spread To Over 10 Million Android Devices – PCMag Australia

Google: This Malware Has Spread To Over 10 Million Android Devices – PCMag Australia

Google: This Malware Has Spread To Over 10 Million Android Devices PCMag Australia

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters – The Hacker News

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters – The Hacker News

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters The Hacker News

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

H2Miner Attacking Linux, Windows, and Containers to Mine Monero

The H2Miner botnet, first observed in late 2019, has resurfaced with an expanded arsenal that blurs the line between cryptojacking and ransomware. The latest campaign

Hackers Exploiting DNS Blind Spots to Hide and Deliver Malware

Hackers Exploiting DNS Blind Spots to Hide and Deliver Malware

A sophisticated new attack vector where malicious actors are hiding malware inside DNS records, exploiting a critical blind spot in most organizations’ security infrastructure. This