German CERT Warns Zyxel Firewalls Exploited for Helldown Ransomware Deployment
Tags
country: Germany
attack-pattern: Credentials - T1589.001 Firmware - T1592.003 Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID f9578585-152e-4c5f-a874-db886f53ac7f
Fingerprint af2058529d06c7ef
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 29, 2024, 4:01 a.m.
Added to db Nov. 29, 2024, 5:03 a.m.
Last updated Dec. 18, 2024, 3:10 p.m.
Headline German CERT Warns Zyxel Firewalls Exploited for Helldown Ransomware Deployment
Title German CERT Warns Zyxel Firewalls Exploited for Helldown Ransomware Deployment
Detected Hints/Tags/Attributes 31/2/5
Source URLs
Redirection Url
Details Source https://malware.news/t/german-cert-warns-zyxel-firewalls-exploited-for-helldown-ransomware-deployment/88821
URL Provider
Details Provider Source level domain
Details malware.news malware.news
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 21 
cve-2024-11667
Details Domain 3 
community.zyxel.com
Details Domain 57 
cyble.com
Details Url 2 
https://community.zyxel.com/en/discussion/26764/ransomware-helldown
Details Url 1 
https://cyble.com/blog/german-cert-warns-zyxel-firewalls-exploited