T1505.003 – Server Software Component: Web Shell

Blog | Scenario

Volt Typhoon
ByDetecteam 2023-10-052023-10-05

TLP TLP TLP CLEAR Author Jordi M. Lobo Summary Microsoft has uncovered a stealthy and targeted malicious campaign led by Volt Typhoon, a state-sponsored actor from China, with a focus on post-compromise credential access and network system discovery. Their primary targets are critical infrastructure organizations in the United States, including sectors such as communications, manufacturing,…

Read More Volt Typhoon
Blog | Scenario

Adobe Coldfusion Exploitation (CVE-2023-29298) data
ByDetecteam 2023-07-182023-07-18

TLP TLP TLP CLEAR Authors Sebastien Tricaud Summary Active Exploitation of Adobe Coldfusion CVE-2023-29298. We are providing data to help teams quickly detect and react to this ongoing threat. DATA TIMELINE CATEGORY Exploit references https://www.rapid7.com/blog/post/2023/07/17/etr-active-exploitation-of-multiple-adobe-coldfusion-vulnerabilities/

Read More Adobe Coldfusion Exploitation (CVE-2023-29298) data

End of content

End of content