| ID | Votes | Profile Description |
|---|---|---|
| CVE-2021-44228 | 11 | CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Earlyrat | Unspecified | 2 | EarlyRat is a previously undocumented malware discovered by Kaspersky researchers in June. The North Korea-linked Advanced Persistent Threat (APT) group Andariel used EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The malware was first noticed in one of the Log4j cases, |
| Kinsing | Unspecified | 2 | Kinsing is a malicious software, or malware, that has been recently observed exploiting vulnerabilities in systems. It operates by infiltrating computers or devices, often undetected, through suspicious downloads, emails, or websites. Once inside, Kinsing can wreak havoc by stealing personal informa |
| Conti | has used | 2 | Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Andariel | Unspecified | 4 | Andariel, a state-backed threat group linked to North Korea's Reconnaissance General Bureau, has been identified as a significant cyber threat. The group has demonstrated its capabilities by compromising critical national infrastructure organizations, accessing classified technical information and i |
| Lazarus Group | Unspecified | 4 | The Lazarus Group, a notorious threat actor associated with North Korea, has been implicated in several high-profile cyber attacks and exploitation activities. The group's objective often involves establishing a kernel read/write primitive, which allows them to gain high-level access to systems and |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Proxyshell | Unspecified | 5 | ProxyShell is a series of vulnerabilities affecting Microsoft Exchange email servers. These flaws in software design or implementation have been exploited by threat actors to gain unauthorized access and control over targeted systems. The ProxyShell vulnerability, officially tracked as CVE-2021-3447 |
| Follina | Unspecified | 3 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
| CVE-2022-30190 | Unspecified | 3 | CVE-2022-30190, also known as the "Follina" vulnerability, is a high-risk software flaw in the Microsoft Support Diagnostic Tool that allows for remote code execution. This 0-day vulnerability was disclosed in May 2022 and has since been exploited by threat actors, including TA413, who weaponized it |
| CVE-2021-45046 | is / was | 2 | None |
| CVE-2021-34523 | Unspecified | 2 | None |
| CVE-2021-26084 | Unspecified | 2 | CVE-2021-26084 is a critical vulnerability related to Atlassian's Confluence software. The flaw in the software design or implementation was first exploited as a zero-day, before its public disclosure in June 2022. It allowed remote attackers to execute code on a Confluence Server via injection atta |
| CVE-2022-22954 | Unspecified | 2 | CVE-2022-22954 is a significant software vulnerability that affects VMware's Workspace One Access and Identity Manager. This flaw in the software design or implementation allows for remote code execution, providing an attacker with the ability to execute arbitrary commands on the affected system. Ov |
| CVE-2022-1388 | Unspecified | 2 | CVE-2022-1388 is a significant software vulnerability identified in the F5 BIG-IP system, specifically in the iControl REST interface. This flaw allows unauthorized bypass of the authentication process, providing potential attackers with unauthorized access to the system. Initial access is typically |
| CVE-2022-26134 | Unspecified | 2 | CVE-2022-26134 is a critical software vulnerability that was discovered in Atlassian Confluence Server and Data Center. This flaw, which allows for remote code execution (RCE), was publicly disclosed by Atlassian in June 2022. The Cybersecurity and Infrastructure Security Agency (CISA) recognized th |
| CVE-2021-34473 | Unspecified | 2 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to |
| CVE-2018-13379 | Unspecified | 2 | CVE-2018-13379 is a critical vulnerability that affects FortiOS and Fortiguard, presenting a flaw in their software design or implementation. This specific vulnerability, which can expose sensitive credentials, has been frequently exploited, making the top 15 most routinely exploited list in both 20 |
| CVE-2021-31207 | Unspecified | 2 | CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a |
| CVE-2021-40539 | Unspecified | 2 | None |
| CVE-2022-22960 | Unspecified | 2 | None |
| CVE-2017-5638 | Unspecified | 2 | CVE-2017-5638 is a significant vulnerability found in Apache Struts, a widely used open-source framework for developing Java web applications. This flaw in software design or implementation allowed attackers to remotely execute commands on the server running the vulnerable application, leading to po |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Checkpoint | 5 days ago | 2nd September – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 12 days ago | 26th August – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 20 days ago | 19th August – Threat Intelligence Report - Check Point Research | |
| Checkpoint | a month ago | 12th August – Threat Intelligence Report - Check Point Research | |
| Checkpoint | a month ago | 5th August – Threat Intelligence Report - Check Point Research | |
| CERT-EU | 8 months ago | A Log4Shell Malware Campaign in the DNS Spotlight | |
| DARKReading | a month ago | Feds Warn of North Korean Cyberattacks on US Critical Infrastructure | |
| Checkpoint | a month ago | 29th July – Threat Intelligence Report - Check Point Research | |
| Flashpoint | a month ago | COURT DOC: North Korean Government Hacker Charged for Involvement in Ransomware Attacks Targeting U.S. Hospitals and Health Care Providers | |
| CISA | a month ago | North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs | CISA | |
| Checkpoint | 2 months ago | 22nd July – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 2 months ago | 15th July – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 2 months ago | 8th July – Threat Intelligence Report - Check Point Research | |
| DARKReading | 2 months ago | 'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems | |
| Checkpoint | 2 months ago | 1st July – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 2 months ago | 24th June – Threat Intelligence Report - Check Point Research | |
| Checkpoint | 3 months ago | 17th June – Threat Intelligence Report - Check Point Research | |
| BankInfoSecurity | 3 months ago | Ransomware Gang TellYouThePass Exploits PHP Vulnerability | |
| Checkpoint | 3 months ago | 10th June – Threat Intelligence Report - Check Point Research | |
| BankInfoSecurity | 3 months ago | CISA Planning JCDC Overhaul as Experts Criticize Slow Start |