January 17, 2024 By Pieter Arntz
Last week we wrote about two vulnerabilities in all supported versions of Ivanti Connect Secure and Ivanti Policy Secure Gateways that were being actively exploited.
The researchers that discovered the active exploitation are warning that these attacks are now very widespread.
“Victims are globally distributed and vary greatly in size, from small businesses to some of the largest organizations in the world, including multiple Fortune 500 companies across multiple industry verticals.”
At first, the scans by the researchers showed only limited exploitation. But later they observed scans made by an unknown party that revealed compromised devices which had a different variant of the web shell on them. The latest numbers indicate some 1700 compromised devices.
