嗯,用户让我帮忙总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述即可。首先,我需要仔细阅读并理解文章内容。 文章主要讲的是2021年软件巨头Ivanti发现中国黑客入侵了其子公司Pulse Secure的网络。Pulse Secure提供VPN设备给全球多家公司和政府机构。黑客利用了他们植入的一个秘密后门,导致119个其他组织受到影响。Mandiant也知情,并警告Ivanti黑客利用漏洞入侵了欧洲和美国的军事承包商。 此外,文章提到Ivanti在2017年被Clearlake Capital Group收购后,进行了多轮裁员和成本削减,特别是2022年,这影响了拥有深厚产品和安全知识的员工。这导致了公司关键技术和安全质量的下降。Ivanti和Mandiant没有回应置评请求。 还有提到Bloomberg的发现与Citrix的情况类似,Citrix在2022年被收购后也进行了大规模裁员,并面临网络安全事件和关键漏洞问题。Ivanti的VPN产品至少还导致了另外两次重大攻击,包括CISA在2024年下令联邦机构断开Ivanti VPN设备连接的情况。 总结起来,文章揭示了由于私募股权驱动的收购、裁员和成本削减,导致Ivanti的关键技术质量和安全性下降,进而引发了一系列网络安全问题。 现在我需要将这些信息浓缩到100字以内。重点包括:中国黑客入侵Pulse Secure VPN软件、利用后门影响119个组织、收购后的裁员影响安全、以及后续的安全事件。 所以最终的总结应该是:中国黑客利用Pulse Secure VPN软件中的秘密后门入侵其网络,并影响了119个组织。Ivanti在被私募股权收购后进行裁员和成本削减,导致安全质量下降,并引发后续攻击。 </think> 中国黑客利用Pulse Secure VPN软件中的秘密后门入侵其网络,并影响了119个组织。Ivanti在被私募股权收购后进行裁员和成本削减,导致安全质量下降,并引发后续攻击。 2026-2-23 16:33:40 Author: techcrunch.com(查看原文) 阅读量:1 收藏
In February 2021, software giant Ivanti discovered that Chinese hackers had breached the network of Pulse Secure, one of its subsidiaries that provided VPN appliances to dozens of companies and government agencies around the world, according to new reporting by Bloomberg.
The hackers exploited a secret backdoor they had planted in Pulse Secure’s VPN software, Bloomberg reported, citing Ivanti’s chief security officer at the time and other sources. The backdoor allowed the hackers to gain access to 119 other unnamed organizations that used the company’s same VPN product.
Mandiant was reportedly aware of the breaches as well, alerting Ivanti that hackers had exploited the bug to breach European and U.S. military contractors.
The previously unreported breach is the latest example of how acquisitions, layoffs, and cost-cutting driven by private equity firms helped to compromise the quality and security of Ivanti’s most critical technologies. After private investment giant Clearlake Capital Group acquired Ivanti in 2017, Bloomberg reported rounds of cuts — particularly in 2022 — affecting employees who had deep institutional knowledge of the company’s products and their security.
Ivanti and Mandiant did not respond to a request for comment.
Bloomberg’s findings echo earlier reporting into rival provider of remote access tools, Citrix, which had large-scale layoffs following a 2022 deal by Elliott Investment Management and Vista Equity Partners to buy the company. Like Ivanti, Citrix has been mired by cybersecurity incidents and critical flaws in recent years.
Ivanti’s VPN products have been the cause of at least two other major attacks since.
Techcrunch event
Boston, MA | June 9, 2026
In early 2024, U.S. cybersecurity agency CISA ordered all federal agencies to disconnect their Ivanti VPN appliances within two days because hackers were actively exploiting vulnerabilities that were unknown to Ivanti at the time. Ivanti also warned customers last year that hackers were exploiting another critical flaw in its Connect Secure product to hack corporate customers.
Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.
You can contact or verify outreach from Lorenzo by emailing [email protected], via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.
如有侵权请联系:admin#unsafe.sh