2024-11-21 18:49 UTC
Large scale compromises of PAN-OS devices (CVE-2024-0012 and CVE-2024-9474 exploitation campaigns)
We are scanning for and reporting compromised PAN-OS devices (based on existence of artefacts related to successful exploitation of (CVE-2024-0012 and CVE-2024-9474).
2024-10-14 10:00 UTC
Fortinet CVE-2024-23113 (format string pre-auth RCE) scanning
We are now reporting in our feeds Fortinet IPs still likely vulnerable to CVE-2024-23113 (format string pre-auth RCE). This vulnerability is known to be exploited in the wild. 87,390 IPs found on 2024-10-12 scan. Top: US (14K), Japan (5.1K), India (4.8K).
Links
2024-10-14 09:56 UTC
Zimbra CVE-2024-45519 scanning
We are scanning for & reporting Zimbra IPs likely vulnerable to CVE-2024-45519 (CVSS 9.8 RCE). Over 19.6K unpatched instances seen on 2024-10-04. Top: Germany (1.6K), US (1.6K), Russia (1.5K). Please note CVE-2024-45519 can be exploited via the SMTP service (our version check itself is web based) and that postjournal is NOT enabled by default (which is not verified in our scans).
2024-09-02 08:48 UTC
7777 Botnet compromised devices
We are sharing 7777 Botnet compromised devices as seen in our daily scans. The data is shared in our Accessible Telnet reported, with a '7777' tag. To view the 7777 botnet compromised devices in the Dashboard select source 'compromised-iot' and tag '7777' (see link examples).