Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code. Read More
Cutting Edge, Part 1: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
Cutting Edge, Part 2: Investigating Ivanti Connect Secure VPN Zero-Day Exploitation
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts