Threat Intel Content Update: 1/28/25

  • January 28, 2025

CISA's Latest Advisory, PlushDaemon

Threat Content Highlights

Threat Profiles, Objects, & Tags

      • New Campaign object added to cover CISA’s latest advisory. Unspecified nation-state actors “chained” together exploits of multiple zero-day vulnerabilities in cloud service appliances to achieve initial access, remotely execute code, install webshells, and harvest credentials from victim networks. Tidal Cyber has added content around several high-profile vulnerability exploit campaigns in recent months, many of which involved abuse of “zero-day” vulnerabilities (vulnerabilities that were not previously known or disclosed); these are all tracked under the dedicated “0-Day Exploit” Tag.

      • New “China-aligned” espionage Group PlushDaemon added following recent reporting on a software supply chain compromise targeting a developer of VPN software.
