Advertisement
Top
image credit: rawpixel.com / Freepik

VPN users beware — security flaws are being exploited to spread dangerous malware

January 31, 2024

Via: TechRadar
Category:

Users of Ivanti’s Connect Secure (ICS) virtual private network (VPN) devices beware – the solutions carry two high severity vulnerabilities that are being chained together to deliver the Silver malware.

First things first – the two vulnerabilities being abused here are tracked as CVE-2023-46805, and CVE-2024-21887. The former carries a severity score of 8.2, while the latter 9.1. Researchers from Volexity first spotted these two being abused in early December 2023, claiming that Chinese state-sponsored threat actors abused them as zero-days.

Read More on TechRadar

RELATED PUBLICATIONS

Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
Dangerous ICS Malware Targets Orgs in Russia and Ukraine

Latest Publications

Chinese government website security is often worryingly bad, say Chinese researchers
Indonesia sneakily buys spyware, claims Amnesty International
97% of security leaders have increased SaaS security budgets
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!