ID | Type | Votes | Profile Description |
---|---|---|---|
Unc3886 | Unspecified | 2 | UNC3886 is a threat actor with suspected links to China, known for its cyber espionage operations targeting global strategic organizations. Since 2021, this advanced persistent threat (APT) group has been exploiting a VMware zero-day vulnerability, identified as CVE-2023-34048. The cybersecurity ind |
APT41 | Unspecified | 1 | APT41, also known as Winnti, Wicked Panda, and Wicked Spider, is a sophisticated threat actor attributed to China. This group has been active since at least 2012, targeting organizations across 14 countries. The group is known for its extensive use of various code families and tools, with at least 4 |

ID | Type | Votes | Profile Description |
---|---|---|---|
Follina | Unspecified | 2 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
CVE-2021-44228 | Unspecified | 1 | CVE-2021-44228, also known as the Log4j vulnerability, is a software flaw found in Apache Log4j, a widely used logging utility. Despite multiple attempts by Advanced Persistent Threat (APT) actors to exploit this vulnerability in the ServiceDesk system, these efforts were unsuccessful. However, it b |
CVE-2023-2868 | Unspecified | 1 | CVE-2023-2868 is a significant software vulnerability that was identified in the Barracuda Email Security Gateway (ESG) appliances. This flaw, specifically a remote command injection vulnerability, was disclosed by Barracuda on May 30th, 2023. The vulnerability had been exploited as early as October |
CVE-2022-41040 | Unspecified | 1 | CVE-2022-41040 is a software vulnerability that was discovered in late September 2022, along with another flaw, CVE-2022-41082. These two zero-day vulnerabilities were collectively known as ProxyNotShell. The vulnerabilities were exploited to compromise Microsoft Exchange through the proxy mechanism |
CVE-2021-44207 | Unspecified | 1 | CVE-2021-44207 is a significant software vulnerability that was exploited by APT41, a prolific Chinese state-sponsored espionage group known for targeting both public and private sector organizations. This flaw in the USAHerds web application's design or implementation mirrors a previously reported |
CVE-2022-41082 | Unspecified | 1 | CVE-2022-41082 is a critical software vulnerability discovered in Microsoft Exchange Servers, which allows for Remote Code Execution (RCE). This flaw is one of two zero-day vulnerabilities found, the other being CVE-2022-41040. The RCE vulnerability presents a significant threat as it enables attack |
Proxynotshell | Unspecified | 1 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
CVE-2022-24682 | Unspecified | 1 | None |
CVE-2023-25610 | Unspecified | 1 | None |
CVE-2023-27350 | Unspecified | 1 | CVE-2023-27350 is a significant software vulnerability discovered in PaperCut NG/MF, a popular print management software. This flaw in software design or implementation allows attackers to bypass authentication and execute code with system privileges, posing a serious threat to both server and inter |

Source | CreatedAt | Title |
---|---|---|
CISA | 4 months ago | Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices \| CISA |
CERT-EU | 6 months ago | Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years |
CERT-EU | 6 months ago | Chinese hackers exploit VMware bug as zero-day for two years |
CERT-EU | 7 months ago | Infographic: A History of Network Device Threats and What Lies Ahead |
CERT-EU | 7 months ago | Infographic: A History of Network Device Threats and What Lies Ahead \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | 10 months ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online |
Securityaffairs | a year ago | Reptile Rootkit employed in attacks against Linux systems in South Korea |
InfoSecurity-magazine | a year ago | Fortinet and PaperCut: Unveiling Critical Vulnerabilities in 2023 |
CERT-EU | a year ago | Top vulnerabilities so far of 2023: Apache Superset, Papercut, MOVEit and yes, ChatGPT |
CERT-EU | a year ago | Which Critical Vulnerabilities Discovered in 2023 Can Do Serious Damage? Read Our Report |
Securityaffairs | a year ago | Advanced actor targets Fortinet FortiOS in attacks on govt entities |
CERT-EU | a year ago | CVE-2022-41328 in FortiOS Exploited in Highly Targeted Attacks |
Securityaffairs | a year ago | China-linked APT likely linked to Fortinet zero-day attacks |
Securityaffairs | a year ago | CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog |
CERT-EU | a year ago | Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies |
CERT-EU | a year ago | Cyber security week in review: March 17, 2023 |
CERT-EU | a year ago | Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies \| Antivirus and Security news |
Malwarebytes | a year ago | Update now! Microsoft fixes two zero-day bugs |
CERT-EU | a year ago | Chinese threat group suspected to be behind Fortinet zero-day attacks |
Securityaffairs | a year ago | 2022 Zero-Day exploitation continues at a worrisome pace |