0-day And Hitlist Week -02-21-2024- 'link' Link

Deploy a China Chopper variant web shell. Then, use harvested NTLM hashes to move laterally to a domain controller.

The "Hitlist" refers to the specific industries, organizations, and geographic regions that advanced persistent threat (APT) groups and cybercriminal cartels are prioritizing for attacks this week. 0-day and Hitlist Week -02-21-2024-

Stay vigilant. If you’re running Ivanti or unpatched Exchange, assume compromise and investigate backward 14 days. Deploy a China Chopper variant web shell

While Ivanti vulnerabilities from January (in Connect Secure VPNs) were still being remediated, the week of February 21 brought continued pressure. The "hitlist" saw these older Ivanti vulnerabilities retain top spots, but new warnings emerged regarding Ivanti Avalanche, a mobile device management (MDM) solution. Stay vigilant

Exploit CVE-2024-21410 on an unpatched Exchange server exposed to the internet. Victim: A regional energy cooperative.

Welcome to our weekly breakdown. This week of February 21, 2024, is seeing a heavy influx of 0-day releases across general trackers. As always, "0-day" means these uploads hit the scene within minutes or hours of their official public release. 🚀 Featured 0-Day Releases