Alias Description | Votes |
---|---|
CVE-2022-30190 is a possible alias for Follina. CVE-2022-30190, also known as the "Follina" vulnerability, is a high-risk software flaw in the Microsoft Support Diagnostic Tool that allows for remote code execution. This 0-day vulnerability was disclosed in May 2022 and has since been exploited by threat actors, including TA413, who weaponized it | 9 |

Alias Description | Association Type | Votes |
---|---|---|
The XWorm Malware is associated with Follina. XWorm is a sophisticated piece of malware designed to infiltrate and exploit computer systems, often without the user's knowledge. It can be delivered through various means such as suspicious downloads, emails, or websites, and once inside a system, it can steal personal information, disrupt operati | Unspecified | 2 |
The QakBot Malware is associated with Follina. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | Unspecified | 2 |
The Qbot Malware is associated with Follina. Qbot, also known as Qakbot or Pinkslipbot, is a modular information stealer malware that first emerged in 2007 as a banking trojan. Its evolution has seen it become an advanced strain of malware used by multiple cybercriminal groups to prepare compromised networks for ransomware infestations. The fi | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The APT28 Threat Actor is associated with Follina. APT28, also known as Fancy Bear or Unit 26165 of the Russian Main Intelligence Directorate, is a threat actor linked to Russia. The group has been involved in several high-profile cyber-espionage activities, including the hacking of the Democratic National Committee (DNC) during the 2016 US Presiden | Targets | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Log4Shell Vulnerability is associated with Follina. Log4Shell is a critical vulnerability in the popular Java library Log4j, identified by CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105. This flaw in software design or implementation can allow cybercriminals to execute arbitrary code on affected systems remotely. The vulnerability was widely expl | Unspecified | 3 |
The vulnerability CVE-2022-1040 is associated with Follina. | Unspecified | 3 |
The ProxyShell Vulnerability is associated with Follina. ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. It is a software design and implementation flaw that allows attackers to gain unauthorized access to the affected systems. The exploit chain for ProxyShell includes CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. | Unspecified | 3 |
The CVE-2022-41328 Vulnerability is associated with Follina. CVE-2022-41328 is a significant software vulnerability discovered in Fortinet's FortiOS. It was heavily targeted by China-nexus intrusion sets, particularly UNC3886, who exploited the vulnerability to deploy custom malware families on Fortinet and VMware systems. This exploitation occurred in Septem | Unspecified | 2 |
The vulnerability CVE-2021-40444 is associated with Follina. | Unspecified | 2 |
The CVE-2022-26134 Vulnerability is associated with Follina. CVE-2022-26134 is a critical software vulnerability that was discovered in Atlassian Confluence Server and Data Center. This flaw, which allows for remote code execution (RCE), was publicly disclosed by Atlassian in June 2022. The Cybersecurity and Infrastructure Security Agency (CISA) recognized th | Unspecified | 2 |
The CVE-2021-26084 Vulnerability is associated with Follina. CVE-2021-26084 is a critical vulnerability related to Atlassian's Confluence software. The flaw in the software design or implementation was first exploited as a zero-day, before its public disclosure in June 2022. It allowed remote attackers to execute code on a Confluence Server via injection atta | Unspecified | 2 |
The CVE-2021-34473 Vulnerability is associated with Follina. CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to | Unspecified | 2 |
The CVE-2022-42475 Vulnerability is associated with Follina. The critical zero-day vulnerability, CVE-2022-42475, was discovered in FortiGate firewalls during an incident investigation by the vendor. This flaw in software design or implementation allows an unauthenticated attacker to execute arbitrary code on affected systems. The vulnerability is present in | Unspecified | 2 |
The ProxyNotShell Vulnerability is associated with Follina. ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t | Unspecified | 2 |
The CVE-2020-12641 Vulnerability is associated with Follina. CVE-2020-12641 is a significant vulnerability discovered in the Roundcube Webmail application. It is an issue that arises from a flaw in the software's design or implementation, which allows for Command Injection and Cross-Site Scripting (XSS) attacks (CVE-2020-35730). The exploitation of this vulne | Unspecified | 2 |