Today activity has been moderate but lower than yesterday.
Activity Observations
Seeing Chrome vulnerabilities being exploited by an unknown threat actor
Microsoft Exchange servers are still being attacked with the recent vulnerability and started seeing mirrors appear of the Github POC that was taken down
BIG-IP devices are being target and mass scan activity
Nanocore activity increase in volume
Netbounce threat actor appears to be extremely active
Noted the indicators shared for Dearcry (Microsoft Exchange)
China Chopper webshell installs utilizing Dearcry vulnerabilities
This report may be updated in the next couple of hours with additional information as analyst are currently reviewing new detection's and activity of interest.
In addition we added the following documents for reference
Added 14 documents to our threat intelligence reporting interface
Other Notes
Nothing additional today
Last Updated: 12:35 PM EST
Comments