On Jan. 8, 2025, Ivanti released a security advisory for two vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in its Connect Secure, Policy Secure and ZTA gateway products.
This threat brief provides attack details that we observed in a recent incident response engagement to provide actionable intelligence to the community. These details can be used to further detect current attacks noted in the wild using CVE-2025-0282. These Ivanti products are all appliances that facilitate remote connections into a network. As such, they are outward-facing assets that attackers could target to infiltrate a network.
Read more…
Source: Palo Alto Unit 42
Related:
- Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks
January 29, 2018
The United States Secret Service issued a warning on Friday to financial institutions citing “credible information” about “planned” attacks against U.S. cash machines using malware that can quickly drain ATM machines dry of cash. The warning came a day after ATM maker Diebold Nixdorf also warned its customers of “potential” ATM Jackpotting attacks moving from Mexico to the U.S. But journalist Brian ...
- Electron critical vulnerability strikes app developers
January 24, 2018
A critical vulnerability affecting Electron desktop apps has been disclosed. Electron is a node.js, V8, and Chromium framework created for the development of cross-platform desktop apps with JavaScript, HTML, and CSS. Compatible with Mac, Linux, and Windows operating systems, the recently-discovered bug impacts Windows alone. The critical vulnerability affects Electron apps which use custom protocol handlers. Assigned the identifier CVE-2018-1000006, the vulnerability ...
- Now Meltdown patches are making industrial control systems lurch
January 15, 2018
Patches for the Meltdown vulnerability are causing stability issues in industrial control systems. SCADA vendor Wonderware admitted that Redmond’s Meltdown patch made its Historian product wobble. “Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the inability to access DA/OI Servers through the SMC,” an advisory on Wonderware’s support site explains. Read ...
- CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar
January 9, 2018
Microsoft’s workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of modern security tools. Some anti-malware packages are incompatible with Redmond’s Meltdown patch, released last week, because the tools make, according to Microsoft, “unsupported calls into Windows kernel memory,” crashing the system with a blue screen of death. In extreme ...
- Triple Meltdown: How So Many Researchers Found A 20-Year-Old Chip Flaw At The Same Time.
January 7, 2018
On a cold Sunday early last month in the small Austrian city of Graz, three young researchers sat down in front of the computers in their homes and tried to break their most fundamental security protections. Two days earlier, in their lab at Graz’s University of Technology, Moritz Lipp, Daniel Gruss, and Michael Schwarz had determined to ...
- Rush to fix ‘serious’ computer chip flaws
January 4, 2018
Tech firms are working to fix two bugs that could allow hackers to steal personal data from computer systems. Google researchers said one of the “serious security flaws”, dubbed “Spectre”, was found in chips made by Intel, AMD and ARM. The other, known as “Meltdown” affects Intel-made chips alone. The industry has been aware of the problem for ...