ID | Votes | Profile Description |
---|---|---|
Follina | 9 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
ID | Type | Votes | Profile Description |
---|---|---|---|
Lokibot | Unspecified | 2 | LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information |
ID | Type | Votes | Profile Description |
---|---|---|---|
APT28 | Unspecified | 2 | APT28, also known as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM, is a threat actor linked to Russia that has been active since at least 2007. The group has targeted governments, militaries, and security organizations worldwide, including the German Social Democratic Party |
ID | Type | Votes | Profile Description |
---|---|---|---|
Log4Shell | Unspecified | 3 | Log4Shell is a significant software vulnerability that exists within the Log4j Java-based logging utility. The vulnerability, officially designated as CVE-2021-44228, allows potential attackers to execute arbitrary code on targeted systems. Advanced Persistent Threat (APT) actors, including LockBit |
Proxyshell | Unspecified | 3 | ProxyShell is a series of vulnerabilities affecting Microsoft Exchange email servers. These flaws in software design or implementation have been exploited by threat actors to gain unauthorized access and control over targeted systems. The ProxyShell vulnerability, officially tracked as CVE-2021-3447 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securelist | 19 days ago | Analyzing the vulnerability landscape in Q2 2024 | |
DARKReading | a month ago | Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware | |
CISA | a month ago | North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs | CISA | |
Securityaffairs | 4 months ago | NATO and the EU formally condemned APT28 cyber espionage | |
MITRE | 9 months ago | Woody RAT: A new feature-rich malware spotted in the wild | |
Securityaffairs | 9 months ago | Russia's APT8 exploited Outlook 0day to target EU NATO members | |
Securityaffairs | 9 months ago | Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts | |
CERT-EU | 10 months ago | Several French critical networks subjected to Russian APT attacks | |
CERT-EU | 10 months ago | How APT28 Infiltrates Networks in French Universities & Nuclear Plants Without Detection | |
Securityaffairs | 10 months ago | ANSSI warns of Russia-linked APT28 attacks on French entities | |
CERT-EU | a year ago | The Hidden Dangers of Remote Code Execution (RCE) Exploits in Word Documents | |
CERT-EU | a year ago | LokiBot Information Stealer Packs Fresh Infection Strategies | |
CERT-EU | a year ago | Malspam attacks up, new sectors targeted – report | |
CERT-EU | a year ago | nao-sec.org | |
CERT-EU | a year ago | GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies | |
CERT-EU | a year ago | GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies | IT Security News | |
CERT-EU | a year ago | Uncovering the internet's most enduring threat: The Email Threat Landscape | |
Malwarebytes | a year ago | 2022's most routinely exploited vulnerabilities—history repeats | |
BankInfoSecurity | a year ago | Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List | |
CERT-EU | a year ago | Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities |