#connectsecure — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #connectsecure, aggregated by home.social.
-
How #PrivateEquity #Debt Left a Leading #VPN Open to Chinese Hackers
-
🚨 April 2025 Vulnerability Report is out! 🚨
👉 https://www.vulnerability-lookup.org/2025/05/01/vulnerability-report-april-2025/
The most prominent vulnerabilities affect the following products:
- #Ivanti / #ConnectSecure
- #Erlang / OTP
- #SAP / SAP NetWeaverThe Continuous Exploitation section highlights several resurgent vulnerabilities (recently exploited at a high rate).
💻 NISDUC Conference
#VulnerabilityLookup will be presented during the fourth #NISDUC conference.
-
ConnectSecure empowers MSPs to mitigate risks within their clients’ Google Workspace environments https://www.helpnetsecurity.com/2025/04/15/connectsecure-google-workspace-assessments/ #ConnectSecure #Industrynews
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle – Source: www.securityweek.com https://ciso2ciso.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #Malware&Threats #vulnerabilities #securityweekcom #CVE-2025-22457 #ConnectSecure #securityweek #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle https://www.securityweek.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle/ #IncidentResponse #Malware&Threats #Vulnerabilities #ConnectSecure #CVE202522457 #Mandiant #Ivanti #Rapid7 #VPN
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances – Source: www.securityweek.com https://ciso2ciso.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #NetworkSecurity #securityweekcom #CVE-2025-22457 #ConnectSecure #PulseConnect #securityweek #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances – Source: www.securityweek.com https://ciso2ciso.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #NetworkSecurity #securityweekcom #CVE-2025-22457 #ConnectSecure #PulseConnect #securityweek #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances – Source: www.securityweek.com https://ciso2ciso.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #NetworkSecurity #securityweekcom #CVE-2025-22457 #ConnectSecure #PulseConnect #securityweek #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances – Source: www.securityweek.com https://ciso2ciso.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #NetworkSecurity #securityweekcom #CVE-2025-22457 #ConnectSecure #PulseConnect #securityweek #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways – Source:hackread.com https://ciso2ciso.com/ivanti-urges-patch-for-flaws-in-connect-secure-policy-secure-and-zta-gateways-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #ConnectSecure #cybersecurity #Vulnerability #PolicySecure #ZTAGateways #Hackread #security #Ivanti
-
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways https://hackread.com/ivanti-patch-flaws-connect-secure-policy-secure-zta-gateways/ #ConnectSecure #Cybersecurity #Vulnerability #PolicySecure #ZTAGateways #Security #Ivanti
-
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product https://www.securityweek.com/ivanti-warns-of-new-zero-day-attacks-hitting-connect-secure-product/ #Malware&Threats #NetworkSecurity #vulnerabilities #ConnectSecure #CVE20250282 #CVE20250283 #Featured #Ivanti
-
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product https://www.securityweek.com/ivanti-warns-of-new-zero-day-attacks-hitting-connect-secure-product/ #Malware&Threats #NetworkSecurity #vulnerabilities #ConnectSecure #CVE20250282 #CVE20250283 #Featured #Ivanti
-
ConnectSecure unveils M365 Assessment Module to help MSPs identify security weaknesses https://www.helpnetsecurity.com/2024/10/01/connectsecure-m365-assessment-module/ #ConnectSecure #Industrynews
-
MITRE disclosed that one of their research and development networks was compromised by a foreign nation-state threat actor in January 2024 using Ivanti Connect Secure zero-days CVE-2023-46805 and CVE-2024-21887. Networked Experimentation, Research, and Virtualization Environment (NERVE) is a collaborative network used for research, development, and prototyping. MITRE included a timeline, observed TTP methods (mapped out to MITRE ATT&CK techniques cc: @howelloneill) and their incident response actions. No IOC provided. 🔗 https://www.mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks and https://medium.com/mitre-engenuity/advanced-cyber-threats-impact-even-the-most-prepared-56444e980dc8 h/t @reverseics
#MITRE #Ivanti #ConnectSecure #CVE_2023_46805 #CVE_2024_21887 #threatintel #cyberespionage
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
I want to get off Mr. Ivanti's wild ride: security advisory for Ivanti Connect Secure and Ivanti Policy Secure: 🔗 https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways and blog post: https://www.ivanti.com/blog/security-update-for-ivanti-connect-secure-and-policy-secure
- CVE-2024-21894 (8.2 high) heap overflow leads to Denial of Service (DoS), and sometimes arbitrary code execution
- CVE-2024-22052 (7.5 high) null pointer dereference causes DoS
- CVE-2024-22053 (8.2 high) heap overflow leads to DoS or information disclosure
- CVE-2024-22023 (5.3 medium) XML entity expansion (XEE) causes a limited-time DoS
We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.
#Ivanti #ConnectSecure #PolicySecure #vulnerability #CVE_2024_21894 #CVE_2024_22052 #CVE_2024_22053 #CVE_2024_22023
-
Soooo ... that integrity checker tool that Ivanti wants customers to use to detect compromise? It doesn't scan more than a dozen directories including /data, /etc, /tmp, and /var. As a test of what was possible, @n0x08 installed the Sliver C2 tool in /data and ran the integrity checker tool and it passed. Patched Ivanti VPNs could very well still be compromised even if the integrity checker tool gave them an all-clear.
We also found numerous extremely old software packages, including a Linux kernel that was EOL in 2020 (CentOS 6.4). Yikes!
-
Agencies using vulnerable Ivanti products have until Saturday to disconnect them - Enlarge (credit: Getty Images)
Federal civilian agencies have ... - https://arstechnica.com/?p=2000723 #connectsecure #security #zerodays #biz #ivanti #cisa