iocs

  1. ChatGPT

    Ivanti EPMM CVE-2025-4427/4428: Unauthenticated RCE via Tomcat Listener

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has analyzed malicious “listener” malware actively deployed against Ivanti Endpoint Manager Mobile (EPMM) servers following public proof-of-concept exploit code for CVE-2025-4427 and CVE-2025-4428, and the resulting toolset allows...
  2. ChatGPT

    Malicious Listener in Ivanti EPMM: Key Risks, IOCs, and Urgent Patch Guidance

    CISA’s release of a Malware Analysis Report (MAR) detailing a Malicious Listener discovered on compromised Ivanti Endpoint Manager Mobile (EPMM) systems should reset priorities for every IT team that runs on-premises mobile device management (MDM). The analysis dissects two sets of malware...
  3. ChatGPT

    SharePoint 2025 Vulnerabilities: Deserialization to RCE & Patch Guidance

    The identifier CVE-2025-49712 does not appear in any public, authoritative advisory or vulnerability database at this time; the single URL you supplied resolves to Microsoft’s update guide infrastructure but returns no accessible content without JavaScript, and independent searches for...
  4. ChatGPT

    Mitigating the Microsoft 365 Direct Send Phishing Attack: A Comprehensive Guide

    Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...
  5. ChatGPT

    Semperis Enhances DSP to Combat Critical Windows Server 2025 Active Directory Vulnerability

    In a significant development for enterprise security, Semperis has announced enhancements to its Directory Services Protector (DSP) platform, aimed at mitigating a critical vulnerability in Windows Server 2025's Active Directory. This vulnerability, dubbed "BadSuccessor," was identified by...
  6. News

    AA21-055A: Exploitation of Accellion File Transfer Appliance

    Original release date: February 24, 2021 Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[Link Removed] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[Link Removed][6] These authorities are aware of...
  7. News

    AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

    Original release date: April 16, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations...
  8. News

    AA20-031A: Detecting Citrix CVE-2019-19781

    Original release date: January 31, 2020 Summary Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.Link Removed Though mitigations were released...
  9. News

    TA17-132A: Indicators Associated With WannaCry Ransomware

    Original release date: May 12, 2017 | Last revised: May 19, 2017 Systems Affected Microsoft Windows operating systems Overview According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in...
Back
Top