Tag: CVE-2024-38094

1 Attack Reports | 1 Vulnerabilities

Attack reports

Investigating a SharePoint Compromise: IR Tales from the Field

An incident response investigation uncovered an attacker who exploited a SharePoint vulnerability (CVE-2024-38094) to gain initial access. The attacker remained undetected for two weeks, moving laterally across the network and compromising the entire domain. Key tactics included installing Horoung …
credential harvesting
lateral movement
mimikatz
impacket
CVE-2024-38094
2024-11-05
domain compromise
sharepoint
fast reverse proxy (frp)
Published: November 5, 2024
Downloadable IOCs: 8
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-38094

7.2
    Microsoft SharePoint
Published: July 9, 2024
Click here to see more Vulnerabilities