Threat Actors Exploiting Ivanti EPMM Vulnerabilities

7 October 2023

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2023-35078 and CVE-2023-35081. Advanced persistent threat (APT) actors exploited CVE-2023-35078 as a zero day from at least April 2023 through July 2023 to gather information from several Norwegian organizations, as well as to gain access to and compromise a Norwegian government agency’s network.

Source: US-CERT

Date:

7 October 2023

Categorie(s):

NEWS

Tag(s):

Citrix, Implant, Ivanti, Nation State, Virtualization

Security leaders respond to disruption of LabHost, a fraud website29 April 2024
Silobreaker empowers users with timely insight into key cybersecurity incident filings29 April 2024
72% of CISOs believe AI solutions may lead to security breaches29 April 2024
OpenAI’s ChatGPT is Breaking GDPR, Says Noyb29 April 2024
UK lays down fresh legislation banning crummy default device passwords29 April 2024