UNC5221 and The Targeting of Ivanti Connect Secure VPNs

Matt Lin (Senior Incident Response Consultant, Mandiant) and Daniel Spicer (Chief Security Officer, Ivanti) dive into the research and response of UNC5221's campaigns against Ivanti. They cover how this threat actor has evolved from earlier campaigns, the continued focus of edge infrastructure by APT actors, and the shared responsibility of security in mitigating threats like this. https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day https://www.ivanti.com/blog/an-update-on-ivantis-ongoing-commitment-to-enhanced-product-security https://www.ivanti.com/resources/secure-by-design/2024 https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends?e=48754805

Listen