Close Menu
Entertainment Industry Reporter
    Facebook X (Twitter) Instagram
    Entertainment Industry Reporter
    • Home
    • Film
    • Television
    • Box Office
    • Reality TV
    • Music
    • Horror
    • Politics
    • Books
    • Technology
    • Popular Music Videos
    • Cover Story
    • Contact
      • About
      • Amazon Disclaimer
      • DMCA / Copyright Disclaimer
      • Privacy Policy
      • Terms and Conditions
    Entertainment Industry Reporter
    You are at:Home»Technology»Hackers begin mass exploiting Ivanti VPN zero-day flaws
    Technology

    Hackers begin mass exploiting Ivanti VPN zero-day flaws

    By AdminJanuary 16, 2024
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Hackers begin mass exploiting Ivanti VPN zero-day flaws


    Malicious hackers have begun mass-exploiting two critical zero-day vulnerabilities in Ivanti’s widely-used corporate VPN appliance.

    That’s according to cybersecurity company Volexity, which first reported last week that China state-backed hackers are exploiting the two unpatched flaws in Ivanti Connect Secure — tracked as CVE-2023-46805 and CVE-2024-21887 — to break into customer networks and steal information. At the time, Ivanti said it was aware of “less than 10 customers” affected by the “zero-day” flaws, described as such given that Ivanti had no time to fix the flaws before they were exploited.

    In an updated blog post published on Monday, Volexity says it now has evidence of mass exploitation.

    According to Volexity, more than 1,700 Ivanti Connect Secure appliances worldwide have been exploited so far, affecting organizations including the aerospace, banking, defense, government, and telecommunications industries.

    “Victims are globally distributed and vary greatly in size, from small businesses to some of the largest organizations in the world, including multiple Fortune 500 companies across multiple industry verticals,” said Volexity. The security firm’s researchers added that Ivanti VPN appliances were “indiscriminately targeted,” with corporate victims around the world.

    But Volexity notes that the number of compromised organizations is likely to be far higher. Nonprofit security threat tracker Shadowserver Foundation has data showing more than 17,000 internet-visible Ivanti VPN appliances worldwide, including more than 5,000 appliances in the United States.

    Ivanti confirmed in its updated advisory on Tuesday that its own findings are “consistent” with Volexity’s new observations and that the mass-hacks appear to have started on January 11, a day after Ivanti disclosed the vulnerabilities. In a statement provided via public relations agency MikeWorldWide, Ivanti told TechCrunch that it has “seen a sharp increase in threat actor activity and security researcher scans.”

    When reached Tuesday, Volexity’s spokesperson Kristel Faris told TechCrunch that the security firm is in contact with Ivanti, which is “responding to an increase in support requests as quickly as possible.”

    Despite mass exploitation, Ivanti has yet to publish patches. Ivanti said it plans to release fixes on a “staggered” basis starting the week of January 22. In the meantime, admins are advised to apply mitigation measures provided by Ivanti on all affected VPN appliances on their network. Ivanti recommends admins reset passwords and API keys, and revoke and reissue any certificates stored on the affected appliances.

    No ransomware… yet

    Volexity initially attributed exploitation of the two Ivanti zero-days to a China-backed hacking group it tracks as UTA0178. Volexity said it had evidence of exploitation as early as December 3.

    Mandiant, which is also tracking exploitation of the Ivanti vulnerabilities, said it has not linked the exploitation to a previously known hacking group, but said its findings — combined with Volexity’s — leads Mandiant to attribute the hacks to “an espionage-motivated APT campaign,” suggesting government-backed involvement.

    Volexity said this week that it has seen additional hacking groups — specifically a group it calls UTA0188 — exploit the flaws to compromise vulnerable devices, but declined to share additional details about the group — or its motives — when asked by TechCrunch.

    Volexity told TechCrunch that it has seen no evidence that ransomware is involved in the mass hacks at this point. “However, we fully anticipate that happening if proof-of-concept code becomes public,” added Faris.

    Security researchers have already pointed to the existence of proof-of-concept code capable of exploiting the Ivanti zero-days.



    Original Source Link

    Share. Facebook Twitter LinkedIn Email Telegram WhatsApp

    Related Posts

    FTC pushes the enforcement of its ‘click-to-cancel’ rule back to July

    How to Use Your iPad as a Second Monitor With Your Mac (2025)

    Trump plans to shut down the Consumer Product Safety Commission

    The 21 Best Early Amazon Pet Day Deals (2025)

    GoldenEye 007 and Quake join the World Video Game Hall of Fame

    Lifesmart TM2202 3-in-1 Treadmill Review: Best for Small Spaces

    Popular Posts

    Fto Sett releases new music video “Not Never”

    First Seven Minutes of RHONJ Season 14 Premiere

    Teresa Giudice’s Best RHONJ Episodes

    Horror Highlights: TRICK OR TREAT, JUMPSCARE, TRACTION PARK MASSACRE, FABLE, FLESH & BLOOD

    Watch aespa try to assemble a drum kit for Anderson .Paak

    Jamie xx and Robyn Share New Song “Life”: Listen

    Netflix Comedy Is Fun — In Small Doses

    Categories
    • Books (1,367)
    • Box Office (796)
    • Cover Story (12)
    • Events (5)
    • Featured (23)
    • Film (1,387)
    • Horror (1,374)
    • Lifestyle (2)
    • Music (1,431)
    • Politics (506)
    • Popular Music Videos (807)
    • Reality TV (829)
    • Technology (1,381)
    • Television (1,130)
    • Uncategorized (1)
    Archives
    Useful Links
    • About
    • Contact
    • Privacy Policy
    • DMCA / Copyright Disclaimer
    • Amazon Disclaimer
    • Terms and Conditions
    Categories
    • Books (1,367)
    • Box Office (796)
    • Cover Story (12)
    • Events (5)
    • Featured (23)
    • Film (1,387)
    • Horror (1,374)
    • Lifestyle (2)
    • Music (1,431)
    • Politics (506)
    • Popular Music Videos (807)
    • Reality TV (829)
    • Technology (1,381)
    • Television (1,130)
    • Uncategorized (1)
    Popular Posts

    Keith Carradine’s Creepy Guest Appearance on Law & Order: Organized Crime Maximized the Horror

    THE SECRET LIVES OF BOOKSELLERS AND LIBRARIANS

    Broadway Box Office Slips A Tad In First Week Of 2024-2025 Season

    Bad News for China: Rare Earth Elements Aren’t That Rare

    © 2025 Entertainment Industry Reporter. All rights reserved. All articles, images, product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Terms & Conditions and Privacy Policy.

    Type above and press Enter to search. Press Esc to cancel.

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the ...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    SAVE & ACCEPT