Ethical Hacking News
The Dutch Data Protection Authority (AP) and the Council for the Judiciary have confirmed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile. This incident highlights the urgent need for organizations worldwide to take immediate action to protect themselves from similar incidents, emphasizing the importance of robust cybersecurity measures.
Cyber attacks exploiting security flaws in Ivanti Endpoint Manager Mobile (EPMM) have impacted Dutch authorities' systems, highlighting the urgent need for robust cybersecurity measures. Ambassadors' work-related data has been accessed by unauthorized persons via a zero-day vulnerability in EPMM. European Commission's central infrastructure was also targeted, but an incident response contained the breach within nine hours with no device compromise detected. A similar breach exposed work-related details of up to 50,000 government employees in Finland due to a zero-day vulnerability in mobile device management service. Investigations showed that removed data was not permanently deleted but marked as such, potentially leading to compromised device and user data. Organizations are urged to keep software up-to-date, implement robust cybersecurity measures, conduct regular security audits, and provide employees with security awareness training.
The Dutch Data Protection Authority (AP) and the Council for the Judiciary have confirmed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM). This news comes as a wake-up call to organizations worldwide, highlighting the urgent need for robust cybersecurity measures.
On January 29, the National Cyber Security Center (NCSC) was informed by the supplier of vulnerabilities in EPMM. The Dutch authorities stated that Ivati Endpoint Manager Mobile is used to manage mobile devices, apps, and content, including their security. It is now known that work-related data of AP employees, such as names, business email addresses, and telephone numbers, have been accessed by unauthorized persons.
The development comes as the European Commission also revealed that its central infrastructure managing mobile devices "identified traces" of a cyber attack that may have resulted in access to names and mobile numbers of some of its staff members. The Commission stated that the incident was contained within nine hours, and that no compromise of mobile devices was detected. However, they emphasized that the security and resilience of their internal systems and data are being taken seriously.
This is not an isolated incident; Finland's state information and communications technology provider, Valtori, also disclosed a breach that exposed work-related details of up to 50,000 government employees. The incident targeted a zero-day vulnerability in the mobile device management service.
The agency stated that it installed the corrective patch on January 29, 2026, the same day Ivanti released fixes for CVE-2026-1281 and CVE-2026-1340 (CVSS scores: 9.8), which could be exploited by an attacker to achieve unauthenticated remote code execution. Ivanti has revealed that the vulnerabilities have been exploited as zero-days.
The attacker is said to have gained access to information used in operating the service, including names, work email addresses, phone numbers, and device details. Investigations have shown that the management system did not permanently delete removed data but only marked it as deleted. As a result, device and user data belonging to all organizations that have used the service during its lifecycle may have been compromised. In certain cases, a single mobile device may have multiple users.
The disclosure of this incident highlights the importance of keeping software up-to-date and implementing robust cybersecurity measures. The vulnerabilities in Ivanti Endpoint Manager Mobile are particularly concerning due to their potential for exploitation by attackers using zero-day attacks.
In light of this development, organizations must take immediate action to protect themselves from similar incidents. This includes ensuring that all software is updated with the latest patches, implementing robust firewalls and intrusion detection systems, and conducting regular security audits to identify vulnerabilities.
Furthermore, employees must be aware of the risks associated with using mobile devices for work-related activities. This includes being cautious when clicking on links or opening attachments from unknown sources, and not sharing sensitive information via email or messaging apps.
The incident also highlights the need for organizations to have a comprehensive cybersecurity strategy in place. This should include regular security training for employees, incident response plans, and adequate resources to address any potential security breaches.
As the threat landscape continues to evolve, it is essential that organizations stay vigilant and take proactive measures to protect themselves from cyber attacks. The recent disclosure of vulnerabilities in Ivanti Endpoint Manager Mobile serves as a wake-up call, emphasizing the importance of robust cybersecurity measures.
Related Information:
https://www.ethicalhackingnews.com/articles/Dutch-Authorities-Confirm-Ivanti-Zero-Day-Exploit-Exposed-Employee-Contact-Data-A-Global-Cybersecurity-Nightmare-Unfolds-ehn.shtml
https://thehackernews.com/2026/02/dutch-authorities-confirm-ivanti-zero.html
Published: Tue Feb 10 02:44:21 2026 by llama3.2 3B Q4_K_M
