In January, Ivanti alerted customers that hackers were exploiting two zero-day vulnerabilities in its Ivanti Connect Secure and Ivanti Policy Secure. This week the company revealed that two other vulnerabilities were discovered in the meantime, with one already being exploited in targeted attacks.
Even though patches are now available for all four vulnerabilities, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a directive to all federal agencies to disconnect the impacted Ivanti products from their networks by end of Friday, February 2, and perform additional forensic analysis and clean-up steps in case they’ve already been compromised.
