All news with #apache tomcat tag

CISA Details Two Java Loaders Exploiting Ivanti EPMM Flaws

🔒 CISA released details of two malicious toolsets found on an organization's server after attackers chained zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). Each set contains a Java loader that installs an HTTP listener to decode, decrypt and execute arbitrary payloads and maintain persistence. CISA urges updating EPMM, monitoring for suspicious activity, and restricting access to MDM systems.