Sunday, March 3, 2024

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

[[{“value”:”A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that’s used to drop the open-source Sliver adversary simulation tool.
The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused”}]]   Read More 

The Hacker News | #1 Trusted Cybersecurity News Site