More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans

by

More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans

Security experts are raising alarms over an 800% increase in IP scanning activity targeting Ivanti’s VPN systems, suggesting potential forthcoming attacks. This spike in scans could signify attempts to exploit existing vulnerabilities.

Source: The Register

Key Points

  • Ivanti VPN users should be on high alert as scanning for its products surged significantly last week.
  • GreyNoise data revealed a jump from under 30 to 234 unique IP addresses scanning for Ivanti endpoints.
  • The recent activity could serve as a precursor to public vulnerability disclosures and active exploitation attempts.
  • Over the past 90 days, out of 1,004 unique IPs scanning, many were marked as suspicious or malicious.
  • Customers are advised to check logs for unusual login attempts and apply the latest patches.

Why should I read this?

If you’re using Ivanti’s VPN systems, you’ll want to take this seriously. With such a massive surge in endpoint scans, it’s likely a sign that something big could be on the horizon. The article summarises crucial info about potential vulnerabilities—saving you the hassle of tracking down all the details yourself!