all InfoSec news
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
March 9, 2024, 4:11 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Key Points
- Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published.
- Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ.
- Analysis of the actor’s recent Ivanti …
actor arsenal case connect connect secure cve cve-2024-21887 exploit facing fast infection ivanti ivanti connect secure ivanti connect secure vpn key key points magnet malware analysis poc points public quickly secure vpn servers services threat threat actor vpn vulnerabilities
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 5 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 7 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC