ID | Type | Votes | Profile Description |
---|---|---|---|
Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
ID | Type | Votes | Profile Description |
---|---|---|---|
POLONIUM | Unspecified | 2 | Polonium is a threat actor group, believed to be based in Lebanon, that has been responsible for significant cyberattacks on Israel's operational technology (OT) and critical infrastructure. In December, Israel's National Cyber Directorate issued warnings that Polonium had targeted critical sectors |
Phosphorus | Unspecified | 1 | Phosphorus, also known as APT35 or Charming Kitten, is a notorious Iranian cyberespionage group linked to the Islamic Revolutionary Guard Corps (IRGC). This threat actor has been involved in a series of malicious activities, employing novel tactics and tools. A significant discovery was made by the |
ID | Type | Votes | Profile Description |
---|---|---|---|
Log4Shell | Unspecified | 2 | Log4Shell is a software vulnerability, specifically a flaw in the design or implementation of the popular Java logging library, Log4j. Identified as CVE-2021-44228, this vulnerability allows an attacker to remotely execute arbitrary code, often leading to full system compromise. Advanced Persistent |
Proxyshell | Unspecified | 2 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
CVE-2022-41040 | Unspecified | 2 | CVE-2022-41040 is a software vulnerability that was discovered in late September 2022, along with another flaw, CVE-2022-41082. These two zero-day vulnerabilities were collectively known as ProxyNotShell. The vulnerabilities were exploited to compromise Microsoft Exchange through the proxy mechanism |
CVE-2022-41082 | Unspecified | 2 | CVE-2022-41082 is a critical software vulnerability discovered in Microsoft Exchange Servers, which allows for Remote Code Execution (RCE). This flaw is one of two zero-day vulnerabilities found, the other being CVE-2022-41040. The RCE vulnerability presents a significant threat as it enables attack |
CVE-2020-12812 | Unspecified | 2 | None |
Proxynotshell | Unspecified | 2 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
CVE-2021-34473 | Unspecified | 1 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to |
CVE-2021-34523 | Unspecified | 1 | None |
CVE-2021-40539 | Unspecified | 1 | None |
Proxynotshell Cve-2022-41040 | Unspecified | 1 | None |
Follina | Unspecified | 1 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
CVE-2020-1472 | Unspecified | 1 | CVE-2020-1472, also known as the ZeroLogon vulnerability, is a critical-severity privilege escalation flaw in Microsoft's Netlogon Remote Protocol. It was patched by Microsoft on August 11, 2020. This vulnerability allows attackers to gain administrative access to a Windows domain controller without |
Proxynotshell Cve | Unspecified | 1 | None |
CVE-2021-31207 | Unspecified | 1 | CVE-2021-31207 is a significant software vulnerability that affects Atlassian Confluence and Microsoft Exchange. It was discovered that Advanced Persistent Threat group APT40 rapidly exploits this flaw, along with other public vulnerabilities in widely used software like Log4J (CVE-2021-44228) and M |
Source | CreatedAt | Title |
---|---|---|
InfoSecurity-magazine | 17 days ago | Ransomware Groups Prioritize Defense Evasion for Data Exfiltration |
CERT-EU | 5 months ago | Sensor Intel Series: Top CVEs in December 2023 |
DARKReading | 6 months ago | 'Midnight Blizzard' Breached HPE Email Months Before Microsoft Hack |
CERT-EU | 7 months ago | Infographic: A History of Network Device Threats and What Lies Ahead |
CERT-EU | 7 months ago | Infographic: A History of Network Device Threats and What Lies Ahead \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
BankInfoSecurity | 7 months ago | Breach Roundup: MongoDB Blames Phishing Email for Breach |
CISA | 7 months ago | #StopRansomware: Play Ransomware \| CISA |
CERT-EU | 7 months ago | Play Ransomware: SafeBreach Coverage for US-CERT Alert (AA23-352A) |
MITRE | 7 months ago | Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 \| Microsoft Security Blog |
DARKReading | 8 months ago | Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy |
CERT-EU | 8 months ago | Ransomware Dwell Time Hits Low of 24 Hours \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | 8 months ago | Sensor Intel Series: Top CVEs in October 2023 |
CERT-EU | 10 months ago | Cybercriminals can go from click to compromise in less than a day \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting |
CERT-EU | 10 months ago | PLAY Cyber Attack: 6 New Victims Targeted In Ransom Attack |
CERT-EU | 10 months ago | Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs |
BankInfoSecurity | a year ago | Feds Urge Immediate Patching of Zoho and Fortinet Products |
BankInfoSecurity | a year ago | Feds Urge Immediately Patching of Zoho and Fortinet Products |
CERT-EU | a year ago | Qualys Top 20 Exploited Vulnerabilities \| Qualys Security Blog |
CERT-EU | a year ago | Play Ransomware Targets Victims Via MSPs’ RMM Software |
BankInfoSecurity | a year ago | Play Ransomware Using MSPs and N-Days to Attack |