“exchange server rce ( proxylogon ) recent exploitation : activity seen in the last 24 hours a subset of the cves targeted within the past 30 days have been targeted within the past 24 hours. these include : - cve - 2024 - 3400 – palo alto networks pan - os command injection - cve…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
99%
“access control - cve - 2023 - 20198 – cisco ios xe web ui privilege escalation - cve - 2022 - 41082 – microsoft exchange server remote code execution - cve - 2022 - 41040 – microsoft exchange server server - side request forgery vulnerability - cve - 2022 - 37042 – synacor zimbra…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
86%
“greynoise detects active exploitation of cves mentioned in black basta ’ s leaked chat logs key takeaways - greynoise has detected active exploitation of 23 of the 62 cves mentioned in black basta ’ s leaked chat logs, including vulnerabilities affecting enterprise software, secu…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
80%
“full list of cves mentioned in black basta ’ s leaked chat logs the following 62 cves were identified in black basta ’ s leaked chat logs by vulncheck. organizations can use this list to assess their exposure. - cve - 2024 - 3400 - cve - 2024 - 27198 - cve - 2024 - 26169 - cve - …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
75%
“##yxel multiple firewalls os command injection - cve - 2021 - 44228 – apache log4j rce ( log4shell ) - cve - 2021 - 26855 – microsoft exchange server rce ( proxylogon ) how defenders can respond organizations should immediately assess their exposure to the actively exploited cves…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1587.004Exploits
75%
“full list of cves mentioned in black basta ’ s leaked chat logs the following 62 cves were identified in black basta ’ s leaked chat logs by vulncheck. organizations can use this list to assess their exposure. - cve - 2024 - 3400 - cve - 2024 - 27198 - cve - 2024 - 26169 - cve - …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
61%
“not all 62 are trackable by greynoise, the actual number of exploited vulnerabilities may be higher. greynoise confirms active exploitation of cves listed in black basta ’ s leaked chats a major leak of internal chat logs from the black basta ransomware group has revealed 62 cves…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
50%
“not all 62 are trackable by greynoise, the actual number of exploited vulnerabilities may be higher. greynoise confirms active exploitation of cves listed in black basta ’ s leaked chats a major leak of internal chat logs from the black basta ransomware group has revealed 62 cves…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1587.004Exploits
43%
“greynoise detects active exploitation of cves mentioned in black basta ’ s leaked chat logs key takeaways - greynoise has detected active exploitation of 23 of the 62 cves mentioned in black basta ’ s leaked chat logs, including vulnerabilities affecting enterprise software, secu…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
42%
“##yxel multiple firewalls os command injection - cve - 2021 - 44228 – apache log4j rce ( log4shell ) - cve - 2021 - 26855 – microsoft exchange server rce ( proxylogon ) how defenders can respond organizations should immediately assess their exposure to the actively exploited cves…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Ransomware group Black Basta’s chat logs were leaked, revealing 62 mentioned CVEs (Source: VulnCheck). GreyNoise identified 23 of these CVEs as actively exploited, with some targeted in the last 24 hours. Notably, CVE-2023-6875 is being exploited despite not appearing in CISA’s KEV catalog — reinforcing the need for real-time intelligence beyond static lists.