Tag: persistent access

2 Attack Reports | 0 Vulnerabilities

Attack reports

From Credit Card Skimming to Exploiting Zero-Days

XE Group, a cybercriminal organization active since 2013, has evolved from credit card skimming to exploiting zero-day vulnerabilities. The group initially focused on web vulnerabilities and supply chain attacks but has now shifted to targeted information theft in manufacturing and distribution sec…
powershell
zero-day
meterpreter
aspxspy
webshell
supply-chain-attack
2025-02-03
CVE-2024-57968
CVE-2025-25181
information-theft
remote-access-trojan
sql-injection
persistent-access
Published: February 3, 2025
Linked vulnerabilities : CVE-2024-57968 (CVSS 9.9), CVE-2025-25181 (CVSS 5.8), CVE-2019-18935, CVE-2017-9248
Downloadable IOCs: 17

Mozi Resurfaces as Androxgh0st Botnet: Unraveling The Latest Exploitation Wave

The Androxgh0st botnet, active since January 2024, has evolved to incorporate Mozi botnet payloads, expanding its attack surface from web servers to IoT devices. It exploits vulnerabilities in various platforms, including Cisco ASA, Atlassian JIRA, and PHP frameworks, utilizing remote code executio…
iot
botnet
credential theft
CVE-2024-4577
vulnerability exploitation
CVE-2018-10562
CVE-2018-10561
androxgh0st
remote code execution
routers
CVE-2022-1040
mozi
CVE-2022-21587
CVE-2024-36401
CVE-2021-41277
CVE-2023-1389
CVE-2021-26086
CVE-2014-2120
2024-11-12
web servers
persistent access
Published: November 12, 2024
Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8), CVE-2021-41773, CVE-2018-15133, CVE-2017-9841, CVE-2022-1040, CVE-2021-41277, CVE-2018-10562, CVE-2014-2120, CVE-2021-26086, CVE-2024-36401, CVE-2022-21587, CVE-2018-10561, CVE-2023-1389
Downloadable IOCs: 10
Click here to see more Attack Reports