Criminal IP Analysis Report on Zero-Day Vulnerability in Atlassian Confluence

According to Volexity 1), a cybersecurity company in Washington, DC, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity observed it as an Atlassian Confluence-related issue and generated an exploit code. However, the company later determined that it was a zero-day vulnerability that could execute remote code even after [...]

Search for Website Defacement Using Title Filter in Asset Search(title:”hacked by”)

Website Defacement (Link: Description of Website Defacement) , which refers to a cyber attack where a hacker penetrates a website and changes its visual appearance, is an act of intentionally leaving evidence that the website has been attacked. This attack would feel like nothing if the screen is the only one that is changed. [...]

Search for Remote Management Systems Exposed to Attack Surface Using SSL Certificate Search Feature (ssl_issuer_organization)

Among the filters of Asset Search provided by Criminal IP (hereinafter referred to as CIP) is ssl_issuer_organization. Using this filter, you can check which institution’s certificate was signed by an SSL protocol such as https. When we look at the SSL certificate of criminalip.io below, for example, “Verified by” is noted as “Sectigo Limited(formerly [...]

By |2022-08-04T18:14:33+09:00May 25th, 2022|Tags: , , , |0 Comments
Go to Top