b2b-daily
Home | IT | Cyber Security

Nominet Hit by Zero-Day Vulnerability in Ivanti VPN Products, Patches Released

Avatar photo
by Craig Anderson
January 17, 2025
Nominet Hit by Zero-Day Vulnerability in Ivanti VPN Products, Patches Released

In a significant security breach, Nominet, the UK’s top-level domain registry responsible for managing over 11 million domains including .uk, .wales, and .cymru, recently experienced a zero-day vulnerability in Ivanti VPN products. The incident, which came to light in late December, triggered concern among the cybersecurity community due to its potential for widespread impact. The zero-day attack was traced to a buffer overflow vulnerability in Ivanti Connect Secure, a critical flaw that scored a high 9.0 on the CVSS scale. This particular vulnerability leaves the system susceptible to unauthenticated remote code execution, posing a substantial risk to sensitive internet infrastructure. Additionally, this flaw affected versions of Ivanti Connect Secure before 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3.

Quick Patching and Response

On January 8th, Ivanti quickly rolled out a patch for Connect Secure and pledged to fix other affected products by January 21. Nominet responded immediately, applying the patches and notifying the authorities about the breach. Additionally, Nominet enhanced its security measures by tightening VPN access controls to prevent future exploits. During the incident, Nominet collaborated with external experts to investigate the breach, aiming to minimize any damage swiftly. Initial findings showed no data loss or presence of backdoors, and crucial domain registration and management systems remained operational, ensuring uninterrupted services.

This incident underscores the vital importance of rapid detection and response to zero-day vulnerabilities. It reminds us that even well-secured organizations can be targeted and must be equipped to respond promptly to reduce potential damage. As the investigation delved into the specifics of the intrusion, the focus was on understanding the breach’s depth and preventing future occurrences. The swift responses from Ivanti and Nominet highlighted the need for vigilant and adaptive security measures in today’s constantly changing cybersecurity environment.

Information Security

Explore more

Can AI and Embedded Finance Bridge Nigeria’s Credit Gap?
June 10, 2026

The financial landscape in Nigeria is undergoing a fundamental transformation, shifting away from a decade-long reliance on traditional banking metrics toward a more inclusive, technology-driven model. The core of this evolution lies in the convergence of two structural forces: embedded finance and artificial intelligence. This shift marks the end of an era where credit access was strictly limited to those

Xiaomi Redmi K100 – Review
June 10, 2026

The transition from affordable mid-range devices to sophisticated powerhouses that rival high-end flagships has reached a critical tipping point with recent hardware revelations. This evolution reflects a broader industry move toward democratizing premium features for a global audience. The focus has shifted from mere cost-cutting to delivering uncompromising performance. Evolution of the Redmi K-Series and the Rise of the K100

iOS 27 Spatial Reframing Is a Secret iPhone Storage Weapon
June 10, 2026

The persistent anxiety of missing a perfect photographic moment often leads to a cluttered camera roll filled with dozens of nearly identical shots that consume valuable gigabytes of space. This digital hoarding behavior is largely driven by the inherent unpredictability of manual framing, where a slight tilt of the wrist or an ill-timed blink can ruin a singular capture. However,

Should You Say Please and Thank You to AI?
June 10, 2026

Dominic Jainy’s extensive background in artificial intelligence and machine learning offers a sophisticated perspective on one of the most curious behavioral shifts in the modern erthe habit of treating software with human-level courtesy. As an expert who navigates the complexities of blockchain and neural networks, Jainy understands that while a chatbot might feel like a “helpful colleague” who remembers past

Can Microsoft Become a Full-Stack AI Powerhouse?
June 10, 2026

The technological landscape has shifted from a race to deploy third-party models to a strategic scramble for total vertical integration within the corporate artificial intelligence stack. While the industry previously viewed the software giant as a distributor for external research breakthroughs, the current organizational pivot reveals a massive investment in self-sufficiency that spans from raw silicon to reasoning logic. This