• europa.eu

Cyber Brief (January 2025)February 3, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 262 open source reports for this Cyber Brief1.Policy, cooperation, and law enforcement. Lithuania inaugurat ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is e ... Read more

• Cybersecurity News

Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and CVE-2025-0283. The vulnerabilities affect Ivanti’s Connect Secure, Policy ... Read more

• The Hacker News

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Sal ... Read more

• Cybersecurity News

watchTowr Labs published a detailed analysis of the vulnerability and a proof-of-concept (PoC) exploit for CVE-2025-0282, a critical zero-day vulnerability in Ivanti Connect Secure with active exploit ... Read more

• The Hacker News

Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. O ... Read more

• Help Net Security

Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively explo ... Read more

• Help Net Security

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day by attackers to compromis ... Read more

• The Hacker News

Endpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to byp ... Read more

• Help Net Security

From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical gaps in organizational defenses. T ... Read more

• The Hacker News

Vulnerability / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Su ... Read more

• Help Net Security

The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In th ... Read more

• BleepingComputer

Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. The comp ... Read more

• The Hacker News

Vulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoor ... Read more

• security.nl

De Britse registry Nominet is aangevallen via een kwetsbaarheid in de vpn-software van Ivanti, zo heeft de organisatie die de .uk-domeinnamen beheert zelf bekendgemaakt. In een e-mail aan klanten laat ... Read more

• The Register

UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits. Nominet told customers via an email sent on January 8, which was seen ... Read more

• The Cyber Express

Ivanti has released patches to address two significant vulnerabilities in its Ivanti Connect Secure, Policy Secure, and ZTA Gateways products. These Ivanti vulnerabilities, identified as CVE-2025-0282 ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabili ... Read more

• Cybersecurity News

On January 8, 2025, Ivanti disclosed an actively exploited zero-day vulnerability, tracked as CVE-2025-0282, affecting its Connect Secure appliances. This critical stack-based buffer overflow vulnerab ... Read more

• Dark Reading

Source: Lobro via Alamy Stock PhotoA Chinese threat actor is once again exploiting Ivanti remote access devices at large.If you had a nickel for every high-profile vulnerability affecting Ivanti appli ... Read more

• Dark Reading

Source: Lobro via Alamy Stock PhotoA Chinese threat actor is once again exploiting Ivanti remote access devices at large.If you had a nickel for every high-profile vulnerability affecting Ivanti appli ... Read more

• security.nl

Nederland telt bijna zestig Ivanti vpn-servers die een beveiligingslek bevatten waarvan al weken actief misbruik wordt gemaakt, zo stelt The Shadowserver Foundation op basis van een internetscan. Were ... Read more

• Help Net Security

Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released i ... Read more

• Ars Technica

Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices. Har ... Read more

• BleepingComputer

Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not current ... Read more

• The Register

The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being ... Read more

• Help Net Security

The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s s ... Read more

• security.nl

Een kwetsbaarheid in Ivanti Connect Secure die het mogelijk maakt om vpn-servers op afstand over te nemen en waarvoor gisterenavond een beveiligingsupdate verscheen is sinds halverwege december misbru ... Read more

• security.nl

Softwarebedrijf Ivanti waarschuwt organisaties, net als een jaar geleden, voor een actief aangevallen kwetsbaarheid in Connect Secure VPN en roept op de nu beschikbaar gestelde update te installeren. ... Read more

• The Hacker News

Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The securit ... Read more

• Cybersecurity News

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly disclosed zero-day vulnerability. According to a recent report by Mandiant, the exploitat ... Read more

• TheCyberThrone

OverviewCVE-2025-0282 is a critical stack-based buffer overflow vulnerability. It impacts Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (ZTA) gateways. This vul ... Read more

• Google Cloud

Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis by Ma ... Read more