#connectsecure — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #connectsecure, aggregated by home.social.
-
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle – Source: www.securityweek.com https://ciso2ciso.com/rapid7-reveals-rce-path-in-ivanti-vpn-appliance-after-silent-patch-debacle-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #Malware&Threats #vulnerabilities #securityweekcom #CVE-2025-22457 #ConnectSecure #securityweek #Mandiant #Ivanti #Rapid7 #VPN
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances – Source: www.securityweek.com https://ciso2ciso.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #NetworkSecurity #securityweekcom #CVE-2025-22457 #ConnectSecure #PulseConnect #securityweek #Mandiant #UNC5221 #Ivanti
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/ #Malware&Threats #NetworkSecurity #ConnectSecure #CVE202522457 #PulseConnect #Mandiant #UNC5221 #Ivanti
-
I buried the lede in not mentioning that UNC5291 is assessed with medium confidence to be associated with Volt Typhoon, a Chinese state-sponsored Advanced Persistent Threat (APT). See related The Record reporting: Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291
-
Mandiant releases part 4 of the Ivanti Connect Secure incident response investigation. They detail different types of post-exploitation activity across their IR engagements. Chinese threat actors have a growing knowledge of Ivanti Connect Secure in abusing appliance-specific functionality to perform actions on objective. They highlight FIVE Chinese threat actors: UNC5221, UNC5266, UNC5330, UNC5337, and UNC5291 abusing a mix of CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. New TTPs, new malware families and new IOC: 🔗 https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
EDIT: For your situational awareness, it's my understanding that future Mandiant articles will be located at https://cloud.google.com/blog/topics/threat-intelligence/
#Ivanti #ConnectSecure #vulnerability #cyberespionage #China #activeexploitation #eitw #zeroday #KEV #CISA #CVE_2023_46805 #CVE_2024_21887 #CVE_2024_21893 #UNC5221 #UNC5266 #UNC5330 #UNC5337 #UNC5291