Ivanti Connect Secure CVE-2025-0282 DslogdRAT Analysis
At the beginning of the year, we investigated a cluster of Ivanti Connect Secure gateways that attackers had breached via CVE-2025-0282. If you missed the story, Mandiant’s write-up laid out a polished, multi-stage operation that combined code redirection, web-shell deployment, and meticulous clean-up. Last week, Florian Roth pointed us to a follow-up from JPCERT/CC that […]