New Cleo zero-day RCE flaw exploited in data theft attacks
Tags
country: Canada Netherlands Lithuania Moldova United States Of America
attack-pattern: Data Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID fa540ed4-121a-4443-9ba3-ad79d75dc9f8
Fingerprint d0861853c8d31af3
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 10, 2024, midnight
Added to db Dec. 10, 2024, 4:31 p.m.
Last updated Dec. 18, 2024, 11:37 p.m.
Headline New Cleo zero-day RCE flaw exploited in data theft attacks
Title New Cleo zero-day RCE flaw exploited in data theft attacks
Detected Hints/Tags/Attributes 47/2/13
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 279 BleepingComputer https://www.bleepingcomputer.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 263 
cve-2023-34362
Details CVE 48 
cve-2024-50623
Details File 1 
'healthchecktemplate.txt
Details File 1 
'healthcheck.txt
Details File 1 
'main.xml
Details File 2 
'nltest.exe
Details IPv4 29 
5.8.0.21
Details IPv4 5 
176.123.5.126
Details IPv4 6 
5.149.249.226
Details IPv4 6 
185.181.230.103
Details IPv4 4 
209.127.12.38
Details IPv4 6 
181.214.147.164
Details IPv4 7 
192.119.99.42