Cyberveille, curated by Decio
3 results tagged webshell
Detecting “Effluence”, an Unauthenticated Confluence Web Shell https://www.aon.com/cyber-solutions/aon_cyber_labs/detecting-effluence-an-unauthenticated-confluence-web-shell/
10/11/2023 11:09:13

Discovering Effluence, a unique web shell accessible on every page of an infected Confluence

aon EN 2023 Effluence Confluence webshell CVE-2023-22515
DeftTorero TTPs in 2019–2021 https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/
03/10/2022 20:15:11

Earlier this year, we started hunting for possible new DeftTorero (aka Lebanese Cedar, Volatile Cedar) artifacts. This threat actor is believed to originate from the Middle East and was publicly disclosed to the cybersecurity community as early as 2015. Notably, no other intelligence was shared until 2021, which led us to speculate on a possible shift by the threat actor to more fileless/LOLBINS techniques, and the use of known/common offensive tools publicly available on the internet that allows them to blend in.

securelist EN 2022 DeftTorero LebaneseCedar Lebanon webshell
PROPHET SPIDER Exploits Citrix ShareFile https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile/
16/03/2022 08:46:41

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools. This incident highlights how PROPHET SPIDER continues to evolve their tradecraft while continuing to exploit known web-server vulnerabilities.

CrowdStrike PROPHETSPIDER EN 2022 CVE-2021-22941RCE webshell ShareFile vulnerability Citrix