ID | Votes | Profile Description |
---|---|---|
ProxyShell | 7 | ProxyShell is a series of vulnerabilities affecting Microsoft Exchange email servers. These flaws in software design or implementation have been exploited by threat actors to gain unauthorized access and control over targeted systems. The ProxyShell vulnerability, officially tracked as CVE-2021-3447 |

ID | Type | Votes | Profile Description |
---|---|---|---|
Hive | Unspecified | 2 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |

ID | Type | Votes | Profile Description |
---|---|---|---|
APT40 | Unspecified | 2 | APT40 is a China-attributed cyber espionage group known for targeting countries strategically significant to the Belt and Road Initiative. The group has been linked to at least 51 different code families, exhibiting a broad range of capabilities. APT40 typically employs spear-phishing emails, often |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2021-31207 | Unspecified | 5 | CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a |
CVE-2021-44228 | Unspecified | 3 | CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted |
CVE-2021-34523 | Unspecified | 3 | None |
ProxyLogon | Unspecified | 2 | ProxyLogon is a significant software vulnerability, specifically a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server. Identified as CVE-2021-26855, it forms part of the ProxyLogon exploit chain and allows attackers to bypass authentication mechanisms and impersonate users |
Follina | Unspecified | 2 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
Log4Shell | Unspecified | 2 | Log4Shell is a significant software vulnerability that exists within the Log4j Java-based logging utility. The vulnerability, officially designated as CVE-2021-44228, allows potential attackers to execute arbitrary code on targeted systems. Advanced Persistent Threat (APT) actors, including LockBit |
ProxyShell CVE-2021-34473 | Unspecified | 2 | ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) is a set of three chained vulnerabilities that enable unauthenticated remote code execution (RCE) in Microsoft Exchange. Identified as a significant flaw in software design or implementation, it allows unauthorized users to execute arbitra |

Source | Created | Title |
---|---|---|
Securelist | 4 days ago | New malicious web shell from the Tropic Trooper group is found in the Middle East |
Securityaffairs | 2 months ago | Cybersecurity agencies warn of China-linked APT40's capabilities |
CISA | 2 months ago | People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action \| CISA |
BankInfoSecurity | 4 months ago | Active Chinese Cyberespionage Campaign Rifling Email Servers |
Unit42 | 4 months ago | Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia |
Securityaffairs | 4 months ago | A malware campaign exploits Microsoft Exchange Server flaws |
CERT-EU | 7 months ago | Sensor Intel Series: Top CVEs in December 2023 |
CERT-EU | 8 months ago | ProxyShell-targeting Babuk Tortilla ransomware decrypted after hacker’s arrest \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
MITRE | 9 months ago | RaaS AvosLocker Incident Response Analysis |
MITRE | 9 months ago | Ransomware Spotlight: AvosLocker |
CERT-EU | 9 months ago | GitHub - kh4sh3i/ProxyShell: CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability |
CERT-EU | 9 months ago | Sensor Intel Series: Top CVEs in October 2023 |
CERT-EU | 10 months ago | CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations |
CERT-EU | a year ago | What we know about BlackCat and the MGM hack |
CERT-EU | a year ago | Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs |
Securityaffairs | a year ago | Earth Lusca expands its arsenal with SprySOCKS Linux malware |
Trend Micro | a year ago | Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement |
DARKReading | a year ago | Iran's Charming Kitten Pounces on Israeli Exchange Servers |
CERT-EU | a year ago | From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools |
Securelist | a year ago | Analysis of Cuba ransomware gang activity and tooling |