Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation [Monday, January 15, 2024]

Description :
Mandiant is sharing details of five malware families associated with the exploitation of CS and PS devices. These families allow the threat actors to circumvent authentication and provide backdoor access to these devices. Additional post-exploitation tools have also been identified in our investigation and are highlighted further in this post.

Published : 2024-01-15 10:55:57
Created : 2024-01-15 10:55:57
Modified : 2024-01-15 10:57:08

Indicators

Domains :
  • symantke.com
Malware :
  • WARPWIRE
  • LIGHTWIRE
  • WIREFIRE
  • THINSPOOL
  • ZIPLINE Passive
Hashes :
  • af43ba807e14047fdcd92519016c0e53e0f124fd

About the author
Julien B.

Securitricks
