Forensics
NVISO analyzes TLS n-day backdoors SparkCockpit & SparkTar
By dertischer
March 1, 2024

In early 2024, Ivanti’s Pulse Secure appliances were targeted in a widespread cyber attack, exposing organizations to serious vulnerabilities. NVISO's recent investigation uncovered two covert TLS-based backdoors - SparkCockpit & SparkTar - previously undetected by most security solutions.

These backdoors, deployed through the exploitation of CVE-2023-46805 & CVE-2024-21887, offer attackers unprecedented access to compromised networks. SparkTar, in particular, is a sophisticated threat capable of surviving resets and upgrades, posing a significant risk to affected organizations.

Our latest report dives into the intricate details of these threats and provides crucial insights for enhancing your security posture.

Don't miss out on this essential resource – visit our NVISO Labs blog to download the full report: https://blog.nviso.eu/2024/03/01/covert-tls-n-day-backdoors-sparkcockpit-sparktar

By dertischer
March 1, 2024

Get supportinfo@nviso.eu

Belgium
Guimardstraat 8 b6 1040 Brussels +32 2 318 58 31
Germany
Holzgraben 5 60313 Frankfurt am Main Machtlfinger Str. 21 81379 München +49 69 9675 8554
Austria
Gumpendorfer Straße 19-21 1060 Wien+43 1358 0084
Greece
Feidiou 9 10678 Athens+30 211 955 7637