ID | Votes | Profile Description |
---|---|---|
Zerologon | 7 | Zerologon is a critical vulnerability (CVE-2020-1472) found within Microsoft's Netlogon Remote Protocol, impacting all versions of Windows Server OS from 2008 onwards. This flaw in software design or implementation allows attackers to bypass authentication mechanisms and change computer passwords wi |

ID | Type | Votes | Profile Description |
---|---|---|---|
Cuba | Unspecified | 2 | The Cuba ransomware, a malicious software active since 2019, has been linked to a series of escalating attacks on US entities and European leaders. The criminal group behind the malware, known by various aliases such as Void Rabisu, UNC2596, Tropical Scorpius, and Storm-0978, has recently targeted w |
Cobaltstrike | Unspecified | 1 | CobaltStrike is a notorious form of malware that has been used in conjunction with other malicious software including IcedID, Qakbot, BazarLoader, Conti, Gozi, Trickbot, Quantum, Emotet, and Royal Ransomware. This malware is typically delivered through suspicious downloads, emails, or websites, ofte |
Cuba Ransomware | Unspecified | 1 | The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi |
Cobalt Strike Beacon | Unspecified | 1 | Cobalt Strike Beacon is a type of malware known for its harmful capabilities, including stealing personal information, disrupting operations, and potentially holding data hostage for ransom. The malware has been loaded by HUI Loader through various files such as mpc.tmp, dlp.ini, vmtools.ini, and an |
Black Basta | Unspecified | 1 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
China Chopper | Unspecified | 1 | China Chopper is a notorious malware that has been widely used by various Advanced Persistent Threat (APT) groups, notably BRONZE UNION. This web shell was found embedded in multiple web shells on SharePoint servers, such as stylecs.aspx, test.aspx, and stylecss.aspx. It is believed to be associated |

ID | Type | Votes | Profile Description |
---|---|---|---|
APT15 | Unspecified | 2 | APT15, also known as Vixen Panda, Nickel, Flea, KE3CHANG, Royal APT, and Playful Dragon, is a threat actor group suspected to be of Chinese origin. The group targets global sectors including trade, economic and financial, energy, and military, aligning with the interests of the Chinese government. I |
Rhysida | Exploited | 2 | Rhysida, a threat actor known for executing malicious cyber activities, has been responsible for numerous ransomware attacks. The group has primarily targeted businesses and healthcare organizations, with notable instances including a disruptive attack on Ann & Robert H. Lurie Children's Hospital of |
Ransomhub | Unspecified | 1 | RansomHub, a threat actor known for executing actions with malicious intent, has recently been linked to several high-profile cyber-attacks. The group is recognized for its ransomware attacks, which have resulted in significant data breaches at multiple companies. Christie, a prominent organization, |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2018-13379 | Unspecified | 1 | CVE-2018-13379 is a critical vulnerability that affects FortiOS and Fortiguard, presenting a flaw in their software design or implementation. This specific vulnerability, which can expose sensitive credentials, has been frequently exploited, making the top 15 most routinely exploited list in both 20 |
CVE-2023-27532 | Unspecified | 1 | CVE-2023-27532 is a high-severity vulnerability discovered in Veeam's Backup & Replication software. This flaw, disclosed in March 2023, can be exploited to breach backup infrastructure hosts. Despite its serious implications, it was not added to the Known Exploited Vulnerabilities (KEV) list until |
CVE-2020-1472 ZEROLOGON | Unspecified | 1 | None |
Printnightmare Cve-2021-34527 | Unspecified | 1 | PrintNightmare (CVE-2021-34527) is a significant software vulnerability that was identified and reported in 2021. It is a flaw in the design or implementation of Microsoft's Windows Print Spooler service, which can be exploited for local and Windows Active Domain privilege escalation. This allows at |
Printnightmare | Unspecified | 1 | PrintNightmare (CVE-2021-34527) is a significant vulnerability in the Windows Print Spooler service that allows an attacker to escalate privileges either locally or remotely by loading a malicious DLL which will be executed as SYSTEM. This flaw, potentially a new zero-day Microsoft vulnerability, en |
CVE-2020-0688 | Unspecified | 1 | CVE-2020-0688 is a significant vulnerability found in Microsoft Exchange Server, which pertains to memory corruption. This flaw allows for remote code execution by exploiting the fact that the application uses a static validationKey and decryptionKey (collectively known as the machineKey) by default |

Source | CreatedAt | Title |
---|---|---|
InfoSecurity-magazine | 17 days ago | Ransomware Groups Prioritize Defense Evasion for Data Exfiltration |
DARKReading | 2 months ago | RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks |
CISA | 3 months ago | #StopRansomware: Black Basta \| CISA |
CERT-EU | 5 months ago | Measures to implement against critical vulnerabilities: Zerologon the Windows Netlogon security hole |
Securityaffairs | 7 months ago | Rhysida ransomware group hacked Abdali Hospital in Jordan |
CERT-EU | 7 months ago | Rhysida ransomware group hacked Abdali Hospital in Jordan \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | 7 months ago | Threat actors still exploiting old unpatched vulnerabilities, says Cisco \| IT World Canada News |
Securityaffairs | 8 months ago | Rhysida ransomware group hacked King Edward VII’s Hospital |
SecurityIntelligence.com | 8 months ago | X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021 |
CERT-EU | 8 months ago | FBI And CISA Warn Of Rhysida Ransomware Threat |
Securityaffairs | 8 months ago | Rhysida ransomware gang claimed China Energy hack |
CERT-EU | 8 months ago | Samba 4.12.7 - Release Notes |
CERT-EU | 8 months ago | Same threats, different ransomware |
Securityaffairs | 8 months ago | Rhysida ransomware gang is auctioning data stolen from the British Library |
CERT-EU | 8 months ago | Cyber Security Week In Review: November 17, 2023 |
Securityaffairs | 8 months ago | FBI and CISA warn of attacks by Rhysida ransomware gang |
CISA | 8 months ago | CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware \| CISA |
CERT-EU | 8 months ago | FBI and CISA warn of opportunistic Rhysida ransomware attacks |
CISA | 8 months ago | #StopRansomware: Rhysida Ransomware \| CISA |
CERT-EU | 9 months ago | Citrix Bleed Vulnerability: Background and Recommendations - ReliaQuest |