Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA

Oct. 15, 2024, 6:19 p.m.

External References

https://www.fortinet.com/
https://otx.alienvault.com/

Description

A zero-day vulnerability exploited by an advanced adversary to gain access to a victim’s network, according to research by FortiGuard Labs and the Centre for Strategic Intelligence (CISA).

Date

Published: Oct. 15, 2024, 6:04 p.m.

Created: Oct. 15, 2024, 6:04 p.m.

Modified: Oct. 15, 2024, 6:19 p.m.

Indicators

d57a2cac394a778e19ce9b926f2e0a71936510798f30d20f207f2a49b49ce7b1

8d016d02f8fbe25dce76481a90dd0b48630ce9e74e8c31ba007cf133e48b8526

6edd7b3123de985846a805931ca8ee5f6f7ed7b160144aa0e066967bc7c0423a

74.62.81.162

69.49.88.235

67.217.228.92

51.91.79.17

38.207.159.76

208.105.190.170

156.234.193.18

45.61.136.189

216.131.75.52

23.236.66.97

Download all indicators here!

Attack Patterns

T1110

T1014

T1505

T1055

T1036

T1140

T1566

T1190

T1068