image credit: Adobe Stock

Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability

August 2, 2023

Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network.

The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) Tuesday. The exact identity or origin of the threat actor remains unclear.

“The APT actors have exploited CVE-2023-35078 since at least April 2023,” the authorities said. “The actors leveraged compromised small office/home office (SOHO) routers, including ASUS routers, to proxy to target infrastructure.’

Read More on The Hacker News