Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout


The recently discovered Ivanti Connect Secure zero-day vulnerabilities could affect thousands of systems, and the threat actors who exploited them appear to have planned for the release of patches.

The threat intelligence and incident response company Volexity issued a warning on January 10th, stating that it had observed threat actors, tracked as UTA0178 and probably connected to China, that were likely using two previously undiscovered vulnerabilities in Ivanti Connect Secure (ICS) VPN devices to obtain access to internal networks and steal important data.

According to Volexity and Ivanti, the attackers exploited an authentication bypass vulnerability. By chaining the two security flaws, an unauthorized remote attacker can take control of appliances and execute arbitrary commands.
