b2b-daily
Home | IT | Cyber Security

Nominet Hit by Zero-Day Vulnerability in Ivanti VPN Products, Patches Released

Avatar photo
by Craig Anderson
January 17, 2025
Nominet Hit by Zero-Day Vulnerability in Ivanti VPN Products, Patches Released

In a significant security breach, Nominet, the UK’s top-level domain registry responsible for managing over 11 million domains including .uk, .wales, and .cymru, recently experienced a zero-day vulnerability in Ivanti VPN products. The incident, which came to light in late December, triggered concern among the cybersecurity community due to its potential for widespread impact. The zero-day attack was traced to a buffer overflow vulnerability in Ivanti Connect Secure, a critical flaw that scored a high 9.0 on the CVSS scale. This particular vulnerability leaves the system susceptible to unauthenticated remote code execution, posing a substantial risk to sensitive internet infrastructure. Additionally, this flaw affected versions of Ivanti Connect Secure before 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3.

Quick Patching and Response

On January 8th, Ivanti quickly rolled out a patch for Connect Secure and pledged to fix other affected products by January 21. Nominet responded immediately, applying the patches and notifying the authorities about the breach. Additionally, Nominet enhanced its security measures by tightening VPN access controls to prevent future exploits. During the incident, Nominet collaborated with external experts to investigate the breach, aiming to minimize any damage swiftly. Initial findings showed no data loss or presence of backdoors, and crucial domain registration and management systems remained operational, ensuring uninterrupted services.

This incident underscores the vital importance of rapid detection and response to zero-day vulnerabilities. It reminds us that even well-secured organizations can be targeted and must be equipped to respond promptly to reduce potential damage. As the investigation delved into the specifics of the intrusion, the focus was on understanding the breach’s depth and preventing future occurrences. The swift responses from Ivanti and Nominet highlighted the need for vigilant and adaptive security measures in today’s constantly changing cybersecurity environment.

Information Security

Explore more

Effective Email Automation Strategies Drive Business Growth
May 20, 2026

The digital landscape is currently witnessing a silent revolution where the most successful marketing teams have stopped competing for attention through volume and started winning through surgical precision. While many organizations continue to struggle with the exhausting cycle of manual campaign creation, a sophisticated subset of the market has mastered the art of “set it and forget it” revenue generation.

How Can Modern Email Marketing Drive Exceptional ROI?
May 20, 2026

Every second, millions of digital messages flood into global inboxes, yet only a tiny fraction of these communications actually manage to convert a passive reader into a loyal, high-value customer. While the average marketer often points to a return of thirty-six dollars for every dollar spent as a benchmark of success, this figure represents a mere starting point for organizations

Modern Tactics Drive High-Performance Email Marketing
May 20, 2026

The sheer volume of digital correspondence flooding the modern consumer’s primary inbox has reached a point where generic messaging is no longer merely ignored but actively penalized by sophisticated filtering algorithms. As the global email ecosystem navigates a staggering daily volume of nearly 400 billion messages, the traditional “spray and pray” methodology has transformed from a sub-optimal tactic into a

How Will AI-Native 6G Networks Change Global Connectivity?
May 20, 2026

Global telecommunications are currently undergoing a profound metamorphosis that transcends simple speed upgrades, aiming instead to weave an intelligent fabric directly into the world’s physical reality. While the transition from 4G to 5G was defined by raw speed and reduced latency, the move toward 6G represents a fundamental departure from traditional telecommunications. The industry is moving toward a reality where

How Is AI Redefining the Future of 6G and Telecom Security?
May 20, 2026

The sheer velocity of data surging through modern global telecommunications has already pushed traditional human-centric management systems toward a breaking point that demands a complete architectural overhaul. While the industry previously celebrated the arrival of high-speed mobile broadband, the current shift represents a fundamental departure from hardware-heavy engineering toward a software-defined, intelligent ecosystem. This evolution marks a pivotal moment where