Ivanti Connect Secure VPN Exploitation: New Observations [Friday, January 19, 2024]

Analysis of Ivanti Connect Secure VPN appliances from January 2023 to January 18, 2024 has revealed a number of new discoveries and new ways of exp...
Ivanti Connect Secure VPN Exploitation: New Observations [Friday, January 19, 2024]
Ivanti Connect Secure VPN Exploitation: New Observations
Report

Ivanti Connect Secure VPN Exploitation: New Observations

Description :
Analysis of Ivanti Connect Secure VPN appliances from January 2023 to January 18, 2024 has revealed a number of new discoveries and new ways of exploiting the network's vulnerabilities.

Published Created Modified
2024-01-19 13:22:36 2024-01-19 13:22:36 2024-01-19 13:28:38

Tags

Indicators

IPv4s :
  • 192.252.183.116
URLs :
  • http://shapefiles.fews.net.s3.amazonaws.com/g6cYGAxHt4JC1
  • https://abode-dashboard-media.s3.ap-south-1.amazonaws.com/kaffMm40RNtkg
  • http://blooming.s3.amazonaws.com/Ea7fbW98CyM5O
  • http://archivevalley-media.s3.amazonaws.com/bbU5Yn3yayTtV
Domains :
  • auto.c3pool.org
Malwares :
  • GIFTEDVISITOR
Hashes :
  • 76121de43d2ded66b42ce138988631be7ee228e9f0ed7da70fec83ea8e2a5fbe
  • e7da21fca8f27b9d19ec90d83b4d794e5a449578eef40e53db84f718d22493a8
  • 45c9578bbceb2ce2b0f10133d2f3f708e78c8b7eb3c52ad69d686e822f9aa65f
  • c26da19e17423ce4cb4c8c47ebc61d009e77fc1ac4e87ce548cf25b8e4f4dc28
  • 4cba272d83f6ff353eb05e117a1057699200a996d483ca56fa189e9eaa6bb56c
  • c7ddd58dcb7d9e752157302d516de5492a70be30099c2f806cb15db49d466026
  • e47b86b8df43c8c1898abef15b8b7feffe533ae4e1a09e7294dd95f752b0fbb2
  • d14122fa7883b89747f273c44b1f71b81669a088764e97256f97b4b20d945ed0
  • 816754f6eaf72d2e9c69fe09dcbe50576f7a052a1a450c2a19f01f57a6e13c17
  • 47ff0ae9220a09bfad2a2fb1e2fa2c8ffe5e9cb0466646e2a940ac2e0cf55d04
  • a4e1b07bb8d6685755feca89899d9ead490efa9a6b6ccc00af6aaea071549960
  • 6f684f3a8841d5665d083dcf62e67b19e141d845f6c13ee8ba0b6ccdec591a01
  • 39ead6055306739ab969a3531bde2050f556b05e500894b3cda120178f2773be
  • 73657c062a7cc50a3d51853ec4df904bcb291fdc9cdd08eecaecb78826eb49b6
  • 76902d101997df43cd6d3ac10470314a82cb73fa91d212b97c8f210d1fa8271f
  • ef792687b8bcd3c03bed4b09c4722bba921536802afe01f7cdb01cc7c3c60815
MITRE ATT&CK Techniques : Other observables :
  • CVE-2023-46805
  • CVE-2024-21887

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.