The Hacker News - Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused
from The Hacker News https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html
from The Hacker News https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html
Comments
Post a Comment