Equipe CERT, Author at Cybersécurité

Addressing Forensic Challenges in Ivanti Pulse Secure Environments with Automated AES Key Recovery

par Equipe CERT | Mar 14, 2024 | Recherche et Développement, CERT, Actualités, Engineering

On January 10, 2024, Ivanti issued a warning regarding two high-severity zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-218871) in Ivanti Connect Secure VPN. These vulnerabilities allow for authentication bypass and command injection within the web components...

Aki-RATs – Command and Control Party

par Equipe CERT | Nov 28, 2023 | CERT, Non classifié(e)

Context During the first half of 2023, CERT Intrinsec handled several incidents involving Akira ransomware group. Companies detected ransomware’s presence, either by reacting to alerts triggered by their security solutions, or, in worst case, by encountering...

ProxyNotShell – OWASSRF – Merry Xchange

par Equipe CERT | Jan 16, 2023 | Avis de vulnérabilité, CERT, Cyber Threat Intelligence

Context By the end of 2022, CERT Intrinsec dealt with the newly discovered bypass of ProxyNotShell named OWASSRF. This article details the modus operandi of a threat actor that exploited this vulnerability. On day one, the attackers leveraged vulnerable Exchange...

APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis

par Equipe CERT | Oct 18, 2022 | CERT, Cyber Threat Intelligence

Context During 2022, a company discovered that one of their equipments was communicating with a known command and control server. As a result, the company decided to contact CERT Intrinsec in order to get help to handle the security breach and manage the crisis. CERT...

Addressing Forensic Challenges in Ivanti Pulse Secure Environments with Automated AES Key Recovery

Aki-RATs – Command and Control Party

ProxyNotShell – OWASSRF – Merry Xchange

APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis

Search

Recent Posts

Archives

Categories