Sensor Intel Series: Top CVEs in September 2023
ATT&CK techniques detected
T1190Exploit Public-Facing Application
92%
“tracked. in this view, most of our tracked cves can be seen to be holding at a relatively steady rate, with a few others dropping off from relatively low volume in previous months, such as cve - 2022 - 36914, an rce vulnerability in teclib glpi. figure 3. traffic volume for the l…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.004Credential Stuffing
58%
“asns targeting other sensors with other traffic, no other sensors saw this cred stuffing activity. table 1 shows the ips and asns involved in this attack, along with the source and destination countries, and counts of traffic observed. table 1 : source ip, source asn, source coun…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
We added another signature (for CVE-2020-0618) and we take a look at a cred stuffing attack from last month. One formerly prevalent CVE has disappeared entirely, and we investigate why that happened.