Activity Feed

cbeek-r7 reported CVE-2024-40766 as Exploited in the Wild

September 09, 2024 8:48am UTC (2 months ago)

Indicated sources as

Government or Industry Alert (https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/)
Other: Multiple IR peers report the abuse of this vulnerability by ransomware groups like Akira and Fog

1

litonkarmokar assessed CVE-2024-21060

September 07, 2024 5:09pm UTC (2 months ago)

Ratings

Attacker Value

Medium

Exploitability

Very High

1

cbeek-r7 assessed CVE-2022-3236

September 06, 2024 6:10pm UTC (2 months ago)

Ratings

Exploitability

High

Observed in state-sponsored attacks

Technical Analysis

On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor. In this bulletin CISA confirmed and stated that this vulnerability was abused by the actor to bypass authentication and gain initial access.
Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

cbeek-r7 reported CVE-2021-26138 as Exploited in the Wild

September 06, 2024 6:08pm UTC (2 months ago)

Indicated source as

Government or Industry Alert

1

cbeek-r7 assessed CVE-2021-26138

September 06, 2024 6:08pm UTC (2 months ago)

Ratings

Exploitability

High

Observed in state-sponsored attacks

Technical Analysis

On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor. In this bulletin CISA confirmed and stated that this vulnerability was abused by the actor to bypass authentication and gain initial access.
Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

cbeek-r7 reported CVE-2022-26134 as Exploited in the Wild

September 06, 2024 6:07pm UTC (2 months ago)

Indicated source as

Government or Industry Alert

1

cbeek-r7 assessed CVE-2022-26134

September 06, 2024 6:07pm UTC (2 months ago)

Ratings

Attacker Value

Very High

Exploitability

Very High

CISA KEV Listed Observed in state-sponsored attacks

Technical Analysis

On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor. In this bulletin CISA confirmed and stated that this vulnerability was abused by the actor to bypass authentication and gain initial access.
Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

cbeek-r7 reported CVE-2021-33045 as Exploited in the Wild

September 06, 2024 6:04pm UTC (2 months ago)

Indicated source as

Government or Industry Alert

1

cbeek-r7 assessed CVE-2021-33045

September 06, 2024 6:04pm UTC (2 months ago)

Ratings

Attacker Value

Very High

Exploitability

High

CISA KEV Listed Observed in state-sponsored attacks Unauthenticated

Technical Analysis

On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor. In this bulletin CISA confirmed and stated that this vulnerability was abused by the actor to bypass authentication and gain initial access through a vulnerable Dahua IP Camera.
Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

cbeek-r7 reported CVE-2021-33044 as Exploited in the Wild

September 06, 2024 6:03pm UTC (2 months ago)

Indicated source as

Government or Industry Alert

Ratings

Ratings

Technical Analysis

Ratings

Technical Analysis

Ratings

Technical Analysis

Ratings

Technical Analysis

Quick Cookie Notification