ID | Votes | Profile Description |
---|---|---|
Proxynotshell | 6 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
Proxylogon | 1 | ProxyLogon is a notable software vulnerability that surfaced in the cybersecurity landscape. It was part of an exploit chain, including CVE-2021-26855, a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server. This flaw allowed attackers to bypass authentication mechanisms and |

ID | Type | Votes | Profile Description |
---|---|---|---|
Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |

ID | Type | Votes | Profile Description |
---|---|---|---|
APT41 | Unspecified | 1 | APT41, also known as Winnti, Wicked Panda, and Wicked Spider, is a sophisticated threat actor attributed to China. This group has been active since at least 2012, targeting organizations across 14 countries. The group is known for its extensive use of various code families and tools, with at least 4 |
Unc3886 | Unspecified | 1 | UNC3886 is a threat actor with suspected links to China, known for its cyber espionage operations targeting global strategic organizations. Since 2021, this advanced persistent threat (APT) group has been exploiting a VMware zero-day vulnerability, identified as CVE-2023-34048. The cybersecurity ind |
Cadet Blizzard | Unspecified | 1 | Cadet Blizzard, a threat actor group associated with Russia's GRU military intelligence unit, has been identified by Microsoft as the perpetrator of destructive cyber attacks in Ukraine using wiper malware. The group has been active since at least 2020 and has recently gained some success, according |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2022-41082 | Unspecified | 3 | CVE-2022-41082 is a critical software vulnerability discovered in Microsoft Exchange Servers, which allows for Remote Code Execution (RCE). This flaw is one of two zero-day vulnerabilities found, the other being CVE-2022-41040. The RCE vulnerability presents a significant threat as it enables attack |
Proxyshell | Unspecified | 3 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
Proxynotshell Cve-2022-41040 | Unspecified | 2 | None |
CVE-2018-13379 | Unspecified | 2 | CVE-2018-13379 is a critical vulnerability that affects FortiOS and Fortiguard, presenting a flaw in their software design or implementation. This specific vulnerability, which can expose sensitive credentials, has been frequently exploited, making the top 15 most routinely exploited list in both 20 |
Proxyshell Cve-2021-34473 | Unspecified | 1 | ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) is a set of three chained vulnerabilities that perform unauthenticated remote code execution (RCE) in Microsoft Exchange. Identified as a significant flaw in software design or implementation, it allows unauthorized users to execute arbitra |
CVE-2023-2868 | Unspecified | 1 | CVE-2023-2868 is a significant software vulnerability that was identified in the Barracuda Email Security Gateway (ESG) appliances. This flaw, specifically a remote command injection vulnerability, was disclosed by Barracuda on May 30th, 2023. The vulnerability had been exploited as early as October |
CVE-2022-41328 | Unspecified | 1 | CVE-2022-41328 is a significant software vulnerability discovered in Fortinet's FortiOS. It was heavily targeted by China-nexus intrusion sets, particularly UNC3886, who exploited the vulnerability to deploy custom malware families on Fortinet and VMware systems. This exploitation occurred in Septem |
CVE-2021-44207 | Unspecified | 1 | CVE-2021-44207 is a significant software vulnerability that was exploited by APT41, a prolific Chinese state-sponsored espionage group known for targeting both public and private sector organizations. This flaw in the USAHerds web application's design or implementation mirrors a previously reported |
CVE-2022-41080 | Unspecified | 1 | CVE-2022-41080 is a significant software vulnerability identified in 2022, specifically a flaw in the design or implementation of Microsoft Exchange Server. This vulnerability enables Server-Side Request Forgery (SSRF), potentially allowing malicious actors to manipulate server requests and execute |
Follina | Unspecified | 1 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
Proxynotshell Cve | Unspecified | 1 | None |
Owassrf | Unspecified | 1 | OWASSRF is a software vulnerability that presents a significant security risk to Microsoft Exchange Server systems. It's an exploit method that bypasses ProxyNotShell vulnerability mitigations, allowing for remote code execution on vulnerable servers through Outlook Web Access. This vulnerability ha |
CVE-2021-34473 | Unspecified | 1 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to |

Source | CreatedAt | Title |
---|---|---|
CERT-EU | 5 months ago | Sensor Intel Series: Top CVEs in December 2023 |
BankInfoSecurity | 7 months ago | Breach Roundup: MongoDB Blames Phishing Email for Breach |
CISA | 7 months ago | #StopRansomware: Play Ransomware \| CISA |
CERT-EU | 7 months ago | Play Ransomware: SafeBreach Coverage for US-CERT Alert (AA23-352A) |
CERT-EU | 8 months ago | Sensor Intel Series: Top CVEs in October 2023 |
CrowdStrike | 9 months ago | Patch Tuesday Turns 20: The Impact of Microsoft’s Vulnerability Problem |
CERT-EU | 10 months ago | Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs |
CERT-EU | 10 months ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online |
DARKReading | a year ago | 'Play' Ransomware Group Targeting MSPs Worldwide in New Campaign |
CERT-EU | a year ago | Unmasking the top exploited vulnerabilities of 2022 – GIXtools |
Securityaffairs | a year ago | In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues |
CERT-EU | a year ago | The attack via Progress MOVEit Transfer |
CERT-EU | a year ago | View the latest outbreak alerts on cyber-attacks \| FortiGuard Labs |
Unit42 | a year ago | Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor |
CERT-EU | a year ago | Anomali Cyber Watch: Cadet Blizzard - New GRU APT, ChamelDoH Hard-to-Detect Linux RAT, Stealthy DoubleFinger Targets Cryptocurrency |
CERT-EU | a year ago | Sensor Intel Series: Top CVEs in May 2023 |
CERT-EU | a year ago | New Russia’s GRU-affiliated APT group linked to destructive wiper attacks on Ukraine |
Unit42 | a year ago | Threat Brief: OWASSRF Vulnerability Exploitation |
Securelist | a year ago | CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange |
CSO Online | a year ago | CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws |