CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who breached Ivanti Connect Secure VPN appliances in December 2024 by exploiting the CVE-2025-0282 zero-day. The updated mitigation instructions stress the importance of conducting a factory reset of all devices – even those where threat hunting did not reveal evidence of compromise – as well as a factory reset of cloud … More

The post CISA reveals new malware variant used on compromised Ivanti Connect Secure devices appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: