Ivanti

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features – Go Health Pro

by
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features – Go Health Pro

Mar 30, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, … Read more

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now – Go Health Pro

by
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now – Go Health Pro

Feb 12, 2025Ravie LakshmananNetwork Security / Vulnerability Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below – CVE-2024-38657 (CVSS score: 9.1) – External control of a file … Read more

Attacks on Ivanti appliances demonstrate danger of chained exploits – Go Health Pro

by
Attacks on Ivanti appliances demonstrate danger of chained exploits – Go Health Pro

The U.S. government is warning of a new exploit against multiple flaws in cloud applications. The Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are chaining a number of CVE-listed vulnerabilities into a single exploit script. The flaws in question are present in Ivanti appliances version 4.6 and earlier. The threat actors use the … Read more

Ivanti Zero-Day Vulnerability Exploited: The Details – Go Health Pro

by
Ivanti Zero-Day Vulnerability Exploited: The Details – Go Health Pro

The UK’s National Cyber Security Centre (NCSC) and its US counterpart have issued an urgent advisory to Ivanti customers after discovering two critical vulnerabilities, one of which is actively exploited. Read on to see how the Ivanti Zero-Day Vulnerability was exploited. Details of how the Ivanti Zero-Day Vulnerability was exploited Ivanti released a security advisory … Read more

Emergency patch issued for Ivanti Connect Secure VPN flaw under attack – Go Health Pro

by
Emergency patch issued for Ivanti Connect Secure VPN flaw under attack – Go Health Pro

An unpatched vulnerability in the Ivanti Connect Secure VPN has been under active attack. Researchers with Google’s Mandiant Cloud security team said that one or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks. The flaw, originally exploited as a zero-day vulnerability, has since been given an emergency patch and … Read more