Forensics
NVISO analyzes TLS n-day backdoors SparkCockpit & SparkTar
By dertischer
March 1, 2024

In early 2024, Ivanti’s Pulse Secure appliances were targeted in a widespread cyber attack, exposing organizations to serious vulnerabilities. NVISO's recent investigation uncovered two covert TLS-based backdoors - SparkCockpit & SparkTar - previously undetected by most security solutions.

These backdoors, deployed through the exploitation of CVE-2023-46805 & CVE-2024-21887, offer attackers unprecedented access to compromised networks. SparkTar, in particular, is a sophisticated threat capable of surviving resets and upgrades, posing a significant risk to affected organizations.

Our latest report dives into the intricate details of these threats and provides crucial insights for enhancing your security posture.

Don't miss out on this essential resource – visit our NVISO Labs blog to download the full report: https://blog.nviso.eu/2024/03/01/covert-tls-n-day-backdoors-sparkcockpit-sparktar

By dertischer
March 1, 2024

Get supportinfo@nviso.eu

Belgium
Rue Guimard 8 1000 Brussels +32 2 318 58 31
Germany
Holzgraben 5 60313 Frankfurt am Main Machtlfinger Str. 21 81379 München +49 69 9675 8554
Austria
Am Euro Platz 2
 (Euro Plaza 4) 
1120 Wien+43 1 717 28 466
Greece
Feidiou 9 10678 Athens+30 211 955 7637
NVISOSecurity
NVISO_Labs
NVISO Security
blog.nviso.eu
NVISO Client PortalPrivacy Policy

Design with care © Stereo Agency - 2024. All rights reserved.