A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
https://securityaffairs.com/162811/hacking/mitre-security-breach-china.html
https://securelist.com/vulnerability-report-q1-2024/112554/
https://services.google.com/fh/files/misc/m-trends-2024.pdf
https://www.mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks
https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/
https://www.theregister.com/2024/04/04/ivanti_secure_by_design/
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
https://securityaffairs.com/160274/cyber-crime/magnet-goblin-nerbianrat-attacks.html
https://securityaffairs.com/160246/hacking/us-cisa-systems-hacked.html
https://www.hivepro.com/threat-advisory/ivanti-gateways-under-attack-by-cybercriminals-patch-now/
https://hub.dragos.com/hubfs/116-Datasheets/Dragos_IntelBrief_VOLTZITE_FINAL.pdf
https://www.scmagazine.com/news/federal-agencies-have-until-feb-3-to-disconnect-ivanti-vpns
https://securityaffairs.com/158393/malware/ivanti-connect-secure-vpn-deliver-krustyloader.html
https://www.infosecurity-magazine.com/news/rust-payloads-ivanti-zero-days/?&web_view=true
https://www.infosecurity-magazine.com/news/rust-payloads-ivanti-zero-days/
https://www.theregister.com/2024/01/22/ivanti_and_juniper_networks_criics_unhappy/?&web_view=true
https://censys.com/the-mass-exploitation-of-ivanti-connect-secure/?web_view=true
https://www.volexity.com/blog/2024/01/18/ivanti-connect-secure-vpn-exploitation-new-observations/
https://infosec.exchange/@[email protected]/111732557655576182