top of page

What were seeing today 16 Mar 2021

Today activity has been moderate but lower than yesterday.

Activity Observations

  • Seeing Chrome vulnerabilities being exploited by an unknown threat actor

  • Microsoft Exchange servers are still being attacked with the recent vulnerability and started seeing mirrors appear of the Github POC that was taken down

  • BIG-IP devices are being target and mass scan activity

  • Nanocore activity increase in volume

  • Netbounce threat actor appears to be extremely active

  • Noted the indicators shared for Dearcry (Microsoft Exchange)

  • China Chopper webshell installs utilizing Dearcry vulnerabilities

This report may be updated in the next couple of hours with additional information as analyst are currently reviewing new detection's and activity of interest.

In addition we added the following documents for reference

Added 14 documents to our threat intelligence reporting interface

Other Notes

Nothing additional today

Last Updated: 12:35 PM EST

32 views0 comments


bottom of page