Cybersecurity firm Mandiant has discovered a zero-day vulnerability in Ivanti Connect Secure VPN appliances being exploited by a potential China-linked cyber-espionage group. With no clear attribution to a specific threat actor, the security flaw has been actively used since December 2024. The vulnerability enables attackers to execute remote code, move within networks and install persistent backdoors. Mandiant suggests that multiple threat actors might be involved and recommends affected users to execute a factory reset to mitigate risks.
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted
