ID | Votes | Profile Description |
---|---|---|
Proxylogon | 5 | ProxyLogon is a notable software vulnerability that surfaced in the cybersecurity landscape. It was part of an exploit chain, including CVE-2021-26855, a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server. This flaw allowed attackers to bypass authentication mechanisms and |

ID | Type | Votes | Profile Description |
---|---|---|---|
Tomiris | Unspecified | 1 | Tomiris is a malicious software (malware) group that has been active since before 2019. Known for its use of the QUIETCANARY backdoor, Tomiris has expanded its capabilities and influence within the region, targeting government entities and other high-value targets. The group has shown a particular i |
China Chopper | Unspecified | 1 | China Chopper is a notorious malware that has been widely used by various Advanced Persistent Threat (APT) groups, notably BRONZE UNION. This web shell was found embedded in multiple web shells on SharePoint servers, such as stylecs.aspx, test.aspx, and stylecss.aspx. It is believed to be associated |
PowerLess | Unspecified | 1 | PowerLess is a malware that was deployed by Ballistic Bobcat in September 2021, as they were concluding the campaign documented in CISA Alert AA21-321A and the PowerLess campaign. The malware was introduced through a new backdoor, exploiting gaps left by traditional security measures which are often |

ID | Type | Votes | Profile Description |
---|---|---|---|
HAFNIUM | Unspecified | 1 | Hafnium, a China-aligned Advanced Persistent Threat (APT) group, has been identified as a significant cybersecurity threat. The group is known for exploiting vulnerabilities in software such as Microsoft Exchange Server and Zoho products. In 2021, Hafnium was actively exploiting a bug in the Microso |
Phosphorus | Unspecified | 1 | Phosphorus, also known as APT35 or Charming Kitten, is a notorious Iranian cyberespionage group linked to the Islamic Revolutionary Guard Corps (IRGC). This threat actor has been involved in a series of malicious activities, employing novel tactics and tools. A significant discovery was made by the |
Ballistic Bobcat | Unspecified | 1 | Ballistic Bobcat, also known as APT35, APT42, Charming Kitten, TA453, and Phosphorus, is a threat actor group believed to be aligned with Iran. The group has been active for several years, developing and deploying a series of backdoor exploits known as Sponsor (versions v1 through v4). Ballistic Bob |

ID | Type | Votes | Profile Description |
---|---|---|---|
Proxyshell | Unspecified | 2 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
CVE-2021-26857 | Unspecified | 2 | None |
CVE-2021-26858 | Unspecified | 2 | None |
CVE-2021-27065 | Unspecified | 2 | None |
Proxylogon (Cve-2021-26855 | Unspecified | 1 | None |
Proxylogon Cve | Unspecified | 1 | None |
Proxyshell Cve | Unspecified | 1 | None |
Log4Shell | Unspecified | 1 | Log4Shell is a software vulnerability, specifically a flaw in the design or implementation of the popular Java logging library, Log4j. Identified as CVE-2021-44228, this vulnerability allows an attacker to remotely execute arbitrary code, often leading to full system compromise. Advanced Persistent |
Proxylogon Cve-2021-26855 | Unspecified | 1 | None |
Proxynotshell | Unspecified | 1 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
Proxyshell Cve-2021-26855 | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
BankInfoSecurity | 2 months ago | Active Chinese Cyberespionage Campaign Rifling Email Servers |
Unit42 | 2 months ago | Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia |
CERT-EU | 5 months ago | Sensor Intel Series: Top CVEs in December 2023 |
MITRE | 7 months ago | Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 \| Microsoft Security Blog |
MITRE | 7 months ago | Ransomware Spotlight: AvosLocker |
MITRE | 7 months ago | Analyzing Attacker Behavior Post-Exploitation of MS Exchange \| Rapid7 Blog |
MITRE | 7 months ago | An In-Depth Look at Black Basta Ransomware |
CERT-EU | 8 months ago | Rackspace Ransomware Costs Soar to Nearly $12M \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting |
CERT-EU | 8 months ago | Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks |
CERT-EU | 8 months ago | Sensor Intel Series: Top CVEs in October 2023 |
CERT-EU | 8 months ago | Are DarkGate and PikaBot the new QakBot? |
DARKReading | 8 months ago | Rackspace Ransomware Costs Soar to Nearly $12M |
CERT-EU | 8 months ago | Gov to create safe harbour for companies under cyber attack |
CERT-EU | 10 months ago | Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs |
CERT-EU | 10 months ago | Cyber Security Week in Review: September 15, 2023 |
ESET | 10 months ago | Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor |
BankInfoSecurity | 10 months ago | Iranian Hackers 'Ballistic Bobcat' Deploy New Backdoor |
CERT-EU | 10 months ago | ‘Scan-and-exploit’ campaign snares unpatched Exchange servers |
CERT-EU | 10 months ago | Iranian hackers target orgs in Brazil, Israel, and OAE with new Sponsor backdoor |
CERT-EU | 10 months ago | From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools |