Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: godzilla

3 attack reports | 0 vulnerabilities

Attack reports

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Trend Micro researchers have identified a new attack vector exploiting CVE-2023-22527 in older versions of Atlassian Confluence Data Center and Server. The attack deploys an in-memory fileless backdoor known as the Godzilla webshell, which uses AES encryption for communication and remains memory-re…

godzilla
remote code execution
2024-09-02
aes encryption
CVE-2023-22527
atlassian confluence
fileless backdoor
in-memory
Published: September 2, 2024

Downloadable IOCs 0

A Dive into Latest Campaign

Earth Baku, an advanced persistent threat actor, has broadened its operations from the Indo-Pacific region to Europe, the Middle East, and Africa, targeting countries like Italy, Germany, UAE, and Qatar. The group leverages public-facing applications like IIS servers as entry points, deploying soph…

backdoor
loader
apt
espionage
cobalt strike
cybercrime
godzilla
stealthvector
2024-08-09
stealthreacher
megacmd
sneakcross
tailscale
rakshasa
Published: August 9, 2024

Downloadable IOCs 30

Analysis of Coin Miner Attack Case Against Domestic Web Server

ASEC has recently confirmed an attack on a domestic medical institution to install a coin miner. The web server that was targeted was a Windows IIS server, and the path name on which the web shell was uploaded suggests that it is a system with the Picture Archiving and Communication System (PACS) p…

xmrig
2024-06-18
godzilla
aspxspy
badpotato
CVE-2021-1732
coin miner
certutil
iis sever
caidao
chopper
behinder
godpotato
ringq
Published: June 18, 2024

Downloadable IOCs 10

» Click here to see all Attack Reports «