Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities
Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws. Google’s Mandiant security group has released updated guidance for Ivanti customers looking to remediate or harden their Ivanti Connect Secure (formerly Pulse Secure) […]
Read MoreChina’s UTA0178 Threat Group Backdoors 2,100 Ivanti VPN Appliances Via Recently Disclosed 0-Days
- Editor DTI
- January 18, 2024
- cve-2023-46805
- cve-2024-21887
- ivanti
- uta0178
- vpn
Image Source: Shutterstock Attacker stealing sensitive system data, tampering with built-in Integrity Check to hide signs of malicious activity. Multiple threat actors have joined Chinese advanced persistent threat group UTA0178 in targeting two recently disclosed zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances following the public release of a proof-of-concept exploit for the flaws […]
Read More