TTPwire Vol. 1 · MITRE ATT&CK · Tagged

Infosecurity Magazine

AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January

2026-03-19

ATT&CK techniques detected

3 predictions
T1190 Exploit Public-Facing Application · 95%
"aws warns hackers have abused cisco firewall zero-day since january a prolific ransomware group has been exploiting a zero-day vulnerability in a cisco firewall product since january, according to a new analysis from aws. aws ciso, cj moses, warned yesterday that the interloc…"

T1059.001 PowerShell · 51%
"the group used a powershell script to collect details on victims’ networks, as well as two custom remote access trojans (rats) written in javascript and java for persistent control. the group also deployed a “persistent memory-resident backdoor” (webshell) that intercept…"

T1588.006 Vulnerabilities · 35%
", defense in depth, continuous threat monitoring/hunting and regular testing of incident response procedures should be combined with updated training for security teams on interlock ttps, aws said. “the real story here isn’t just about one vulnerability or one ransomware gro…"

Summary

Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says