Hackers are still using old Ivanti bugs to break into networks
Posted by:
Sarah Collins
Title: “CISA and FBI Warn of Ongoing Threat from Ivanti Flaws”
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a new security advisory warning that security flaws in Ivanti Cloud Service Appliance (CSA), which were patched in September and October 2024, are still being exploited in coordinated attacks. Threat actors are using a combination of vulnerabilities to gain access, execute remote code, steal credentials, and implant webshells on victim networks.
These vulnerabilities, including CVE-2024-8963, CVE-2024-8190, CVE-2024-9379, and CVE-2024-9380, were initially exploited as zero-day flaws and have since been added to CISA’s catalog of exploited vulnerabilities (KEV), requiring prompt patching. The advisory urges organizations to upgrade their systems and monitor for any signs of compromise, as compromised credentials and data in Ivanti appliances are a significant concern.
Ivanti, an American IT software company, has faced cybersecurity incidents, with reports in January 2024 linking Chinese government hackers to attacks using its software. The warning emphasizes the importance of cybersecurity measures and alerts administrators to remain vigilant against potential threats.
Recent Posts1
