Tag: CVE-2023-3519

3 Attack Reports | 0 Vulnerabilities

Attack reports

People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations

PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a botnet for malicious activities. Integrity Technology Group, a PRC-based company with government links, has controlled a botnet of over 260,000 devices since mid-2021. The botnet uses Mirai-based malware to…

cyber espionage

network compromise

Published: October 2, 2024

Downloadable IOCs: 169

StopRansomware: RansomHub Ransomware

RansomHub is a ransomware-as-a-service variant that has targeted over 210 victims across various critical infrastructure sectors since February 2024. It employs a double-extortion model, encrypting systems and exfiltrating data. The ransom note provides victims with a client ID and instructions to …

privilege-escalation

ransomware-as-a-service

double-extortion

data-exfiltration

critical-infrastructure

lateral-movement

Published: August 30, 2024

Downloadable IOCs: 14

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

This advisory outlines the activities of an Iran-based cyber threat group that has conducted numerous intrusions against organizations in the United States and other countries since 2017, with the goal of obtaining network access to facilitate ransomware attacks. The group, known by various names s…

state-sponsored

credential-theft

Published: August 28, 2024

Downloadable IOCs: 33

Click here to see more Attack Reports