We are informed about multiple compromises of Ivanti End-Of-Live devices. These End-Of-Live devices were used as initial access point for threat actors to further compromise the internal network. It is not possible to patch these End-of-Life devices.
We recommend to perform the following actions as soon as possible:
- Patch your Ivanti devices, replace them when End-of-Life
- Check for compromises with the Ivanti external Integrity Checker
- Check your environment for traces of compromise
With this alert, we want to engage security teams to thoroughly check these devices and the entire network, start incident response if necessary and inform us on https://ccb.belgium.be/cert/report-incident.