SkidSec Hacker Group Announces Plans to Spread North Korean Propaganda Through Hacked Printers in South Korea

On November 29, the SkidSec hacker group announced on Telegram its intention to attack exposed printers in South Korea to spread North Korean propaganda. North Korean propaganda refers to leaflets and other materials designed to promote North Korean ideas and criticize the South. According to the sudden announcement of the attack, it appears that the scheme [...]

December 1st, 2023

Ransomware Attack Targets WS_FTP Vulnerability: Over 4,000 Servers Exposed

Recently, several WS_FTP vulnerabilities have been discovered and many cybersecurity forums have started discussing the issue, as it has become a prime target for ransomware attacks. The most notable organization that attacked the exposed server was revealed to be a specialized cybercrime group known as Reichsadler. The group reportedly launched the attack as soon as [...]

October 20th, 2023

Crypto Phishing Attacks of Bankrupt Celsius: Detected by Real-Time URL Scanning

Creditors of Celsius Network, a bankrupt crypto lender, have recently been targeted by Celsius crypto phishing attacks. Celsius Network is a platform that uses its own CEL coin and allows you to deposit various cryptocurrencies such as Bitcoin and Ethereum into the Celsius wallet to earn profits or take loans using the deposited funds as collateral. Creditors who [...]

September 27th, 2023

Cyber Espionage Group APT33 Targets Exposed Confluence Servers

On September 14, 2023, Microsoft announced on its blog that an Iranian cyber espionage group launched a password spraying attack targeting thousands of organizations in the U.S. and around the world. The professional spy group, generally known as APT33 as well as Peach Sandstorm, HOLMIUM, or Refined Kitten, has been active since 2013. It has attacked diverse industrial [...]

September 22nd, 2023

CVE-2022-42475: Thousands of Unpatched Fortinet Vulnerabilities Exposed

According to a joint report released by CISA, FBI, and U.S. Cyber Command (USCYBERCOM) on September 7, 2023, state-sponsored hacking groups have recently exploited critical vulnerabilities in Zoho and Fortinet software to penetrate U.S. aviation agencies. The hackers gained unauthorized access to the organization's network by exploiting the disclosed Zoho application vulnerability (CVE-2022-47966) and the Fortinet vulnerability (CVE-2022-42475). While [...]

September 15th, 2023

Re-evaluating Corporate SSL VPNs After The Cisco VPN Hack

In today's remote work landscape, SSL VPNs have become a cornerstone of corporate security measures, allowing employees to securely access internal networks from various locations. However, the vulnerability lies in the fact that if a hacker gains access to an SSL VPN, they acquire the same level of access as legitimate users. To mitigate this, [...]

September 8th, 2023

Over 100,000 Juniper Firewalls Exposed: Beware of the RCE Vulnerability Bug Chain

Products from Juniper Networks, including Juniper firewalls, are already significantly exposed on the attack surface. Searching for the title of the web server utilized for Juniper Networks J-Web on Criminal IP's Asset Search can lead to the discovery of online-exposed servers. These servers are at a heightened risk of becoming prime targets for hackers.

September 1st, 2023

Critical Patch Delay CVE-2023-27997: Over 4.6K Vulnerable FortiGate Firewalls

The delay in applying patches for the FortiGate firewall's remote code execution (RCE) vulnerability, CVE-2023-27997, which was announced on June 12, 2023, has reached a critical stage. CVE-2023-27997 is a heap-based buffer overflow vulnerability affecting SSL-VPN enabled devices. This RCE vulnerability enables the remote execution of code through an SSL-VPN interface exposed on the web. With [...]

August 10th, 2023

Criminal IP Partner Program | Join Us as a Cyber Security Sales Partner!

Criminal IP is actively seeking a partner to enhance customers' security network with advanced threat intelligence. We are committed to building a global network of partners that can provide various security solutions to address the dynamic challenges of cybersecurity. Criminal IP Partner Program: Criminal IP Partner Program offers a variety of partnership options. We are enthusiastic about [...]

June 30th, 2023

Oracle WebLogic RCE Vulnerability: CVE-2023-21839

In this article, we will cover the latest vulnerability in Oracle's WebLogic Server, a serious remote code execution vulnerability. CVE-2023-21839, which targets WebLogic Server, a Java web application server developed by Oracle, was first mentioned about three months ago as a vulnerability that could be exploited for RCE (Remote Code Execution). As [...]

June 14th, 2023