all InfoSec news
Threat Actor Exploits F5, ConnectWise Flaws to Target U.S. Orgs
Malware Analysis, News and Indicators - Latest topics malware.news
A threat actor has been “aggressively” exploiting a number of known vulnerabilities in order to target U.S. government organizations, research and education institutions.
The threat actor, tracked by researchers under UNC5174, was first observed exploiting a known flaw in the F5 BIG-IP traffic management user interface (CVE-2023-46747), and as recently as February it was seen exploiting the known ConnectWise ScreenConnect bug (CVE-2024-1709). The threat actor was seen targeting various other vulnerabilities between October and February, including ones in Atlassian Confluence …
actor big big-ip connectwise cve cve-2023-46747 education exploiting exploits flaw flaws government institutions interface known vulnerabilities management order organizations research researchers target threat threat actor traffic traffic management under user interface u.s. government vulnerabilities