Vulnerability was exploited as a zero-day.
Nominet has confirmed that it has experienced a cybersecurity incident that is linked to the recent Ivanti vulnerability.
The UK domain registry, which maintains the .co.uk domains, warned of an “ongoing security incident” which was under investigation in an email to customers, seen by TechCrunch.
The company said attackers accessed its systems via “third-party VPN software supplied by Ivanti,” adding that the intrusion “exploited a zero-day vulnerability,” giving Nominet no time to apply patches.
Nominet is the first organisation to publicly confirm it has been affected by the Ivanti bug. It said it currently has “no evidence of data breach or leakage” and said it has restricted access to the VPN software while it investigates the incident.
In an email to SC UK, a spokesperson for Ivanti, said: "Consistent with our commitment to supporting customers, we are working closely with Nominet and the relevant authorities to provide all necessary support. We strongly urge all customers to follow the guidance outlined in our security advisory to ensure their systems are protected.
"We appreciate the trust our customers place in us. We are committed to their security and to continuously improving our products and processes, in collaboration with the broader security ecosystem."
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
