Skip to content

Cyber Attack on Norway govt websites identified to Ivanti Security vulnerability

is a commonly used HTML tag that is used to create a division or section in a web page. It is used to group together elements and apply styles or formatting to them collectively.

In recent news, several websites operated by the Norwegian government experienced disruptions due to a possible cyber-attack. The US-CISA has identified that the attack exploited a flaw in the API flow of Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability, classified as CVE-2023-35078, has a severity score of 9 out of 10 and allows hackers to bypass user authentication and gain unauthorized access to EPMM functions and resources.

Ivanti has confirmed that the affected versions of EPMM are 11.4, 11.10, 11.9, and 11.8, but even older versions are also at risk. The company has taken immediate remediation measures by providing an RPM script and a fix to address the vulnerability. They have also communicated with their affected customers through proper channels. Notably, the Department Security and Service Organization (DSS) and the National Security Authority in Norway were among the most impacted entities.

The investigation into the cyber-attack is still ongoing, and Ivanti has not disclosed any information regarding the suspected actors or groups involved in the incident. It is essential to note that Ivanti is the result of a merger between Heat Software and LANDESK, which took place in January 2017. Additionally, in September 2020, Ivanti acquired MobileIron for $870M and integrated its technology into Ivanti Endpoint Manager Mobile (EPMM).

In conclusion, the recent cyber-attack on Norwegian government websites highlights the importance of addressing vulnerabilities in software systems. The use of the

tag in web development allows for better organization and styling of webpage elements. However, it is essential to regularly update and patch software to mitigate potential vulnerabilities and prevent unauthorized access.

Key Points:
1. The recent cyber-attack on Norwegian government websites exploited a vulnerability in Ivanti Endpoint Manager Mobile (EPMM).
2. The vulnerability allowed hackers to bypass user authentication and gain unauthorized access to EPMM functions and resources.
3. Ivanti has provided remediation measures, including an RPM script and a fix, to address the vulnerability.
4. The investigation into the cyber-attack is ongoing, and the suspected actors or groups have not been disclosed.
5. The

tag is commonly used in web development to create divisions or sections and apply collective styling or formatting to webpage elements. Regular software updates and patches are crucial to address vulnerabilities and prevent unauthorized access.

Leave a Reply

Your email address will not be published. Required fields are marked *