An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
https://www.scmagazine.com/news/tunnelvision-dhcp-flaw-lets-attackers-bypass-vpns-redirect-traffic
https://securityaffairs.com/162936/cyber-crime/ivanti-connect-secure-flaws-mirai-botnet.html
https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html
https://securityaffairs.com/162811/hacking/mitre-security-breach-china.html
https://services.google.com/fh/files/misc/m-trends-2024.pdf
https://www.mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks
https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/
https://www.theregister.com/2024/04/04/ivanti_secure_by_design/
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
https://www.intrinsec.com/ivanti-auto-aes-keys-recovery/
https://therecord.media/cisa-takes-two-systems-offline-following-ivanti-compromise?&web_view=true
https://securityaffairs.com/160246/hacking/us-cisa-systems-hacked.html
https://www.hivepro.com/threat-advisory/ivanti-gateways-under-attack-by-cybercriminals-patch-now/
https://securityaffairs.com/159807/hacking/fiveeye-warns-ivanti-gateways-attacks.html
https://hub.dragos.com/hubfs/116-Datasheets/Dragos_IntelBrief_VOLTZITE_FINAL.pdf
https://www.scmagazine.com/news/federal-agencies-have-until-feb-3-to-disconnect-ivanti-vpns
https://thecyberthrone.in/2024/01/31/ivanti-vulnerabilities-exploited-to-deliver-krustyloader/
https://securityaffairs.com/158393/malware/ivanti-connect-secure-vpn-deliver-krustyloader.html
https://www.infosecurity-magazine.com/news/rust-payloads-ivanti-zero-days/
https://censys.com/the-mass-exploitation-of-ivanti-connect-secure/?web_view=true
https://www.volexity.com/blog/2024/01/18/ivanti-connect-secure-vpn-exploitation-new-observations/
https://infosec.exchange/@[email protected]/111732557655576182