Cybersecurity Dive January 19, 2024
David Jones

Civilian agencies are under threat following a surge in nation-state linked exploitation of Ivanti Connect Secure and Ivanti Policy Secure devices.

The Cybersecurity and Infrastructure Security Agency issued an emergency directive Friday ordering Federal Civilian Executive Branch agencies to mitigate vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure devices.

A suspected nation-state hacker has chained two vulnerabilities together and injected webshells into more than 2,100 systems across a range of private sector companies and government agencies since December.

The attacks allow the hackers to gain persistent system access, enabling data exfiltration, credential theft and other malicious activity.

Federal agencies have been targeted as part of the exploitation activity, according to Eric Goldstein, executive assistant director for...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, HHS, Provider, Technology
Related Articles:
Homograph Attacks in Healthcare: A Growing Cybersecurity Threat
AI In Cybersecurity: Understanding The New Regulatory Framework And What It Means For Businesses
Solution Under Review: The Battle For Industrial Cybersecurity
Clark on Connecting: Loyalty and Cybersecurity Go Hand in Hand
M&A Cyber Success Depends on Communication, an Honest Evaluation of Each Side’s Strengths & Risks, and an Open Mind

Share This Article