Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
2 résultats taggé CVE-2022-42475  ✕
Analysis of Threat Actor Activity https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
13/04/2025 12:50:41
QRCode
archive.org

Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent Fortinet investigations have discovered a post exploitation technique used by a threat actor. This blog offers analysis of that finding to help our customers make informed decisions.

fortinet EN 2025 EN CVE-2022-42475 exploit vulnerabilities CVE-2023-27997 CVE-2024-21762
MAR-10430311-1.v1 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 https://www.cisa.gov/news-events/analysis-reports/ar23-250a
07/09/2023 23:30:37
QRCode
archive.org

CISA received 4 files for analysis from an incident response engagement conducted at an Aeronautical Sector organization.

2 files (bitmap.exe, wkHPd.exe) are identified as variants of Metasploit (Meterpreter) and designed to connect and receive unencrypted payloads from their respective command and control (C2) servers. Note: Metasploit is an open source penetration testing software; Meterpreter is a Metasploit attack payload that runs an interactive shell. These executables are used as attack payloads to run interactive shells, allowing a malicious actor the ability to control and execute code on a system.

2 files (resource.aspx, ConfigLogin.aspx) are Active Server Pages (ASPX) web shells designed to execute remote JavaScript code on the victim server.

cisa EN 2023 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 CVE-2022-42475
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio