{"vulnerability": "CVE-2024-29824", "sightings": [{"uuid": "58f434f3-dc84-4974-85dc-15aa28aa7db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-29824", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-21T08:30:21.306281Z"}, {"uuid": "0b80e9ca-597e-4302-a589-2ba45e4a006d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-02T18:10:02.000000Z"}, {"uuid": "bb46987b-4d55-489e-a4c6-6830f278112d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "f9ade5d9-4279-45a4-85b0-3dfe2919893f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-29)", "content": "", "creation_timestamp": "2025-03-29T00:00:00.000000Z"}, {"uuid": "d7e1f339-4df2-418d-9ac6-aa919ab8f7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-20)", "content": "", "creation_timestamp": "2024-12-20T00:00:00.000000Z"}, {"uuid": "5891d891-531e-41c9-ac14-5ccdf63a8d92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-31)", "content": "", "creation_timestamp": "2024-10-31T00:00:00.000000Z"}, {"uuid": "fda2f9d9-e7e4-4502-8d3f-05e0775c2b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "e55ce5ef-eac1-4493-b32d-04418276c2af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:02.000000Z"}, {"uuid": "79110561-bdff-4d1e-9b70-001476fc391d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "528f3084-b35b-4d80-90a2-9251849874b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-10)", "content": "", "creation_timestamp": "2025-03-10T00:00:00.000000Z"}, {"uuid": "ab9b3ae0-3f3d-4782-ae5b-57efed49adeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "722af52b-a499-41ce-8d15-867f8509d12c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "9efc3e8d-f7ab-43d3-b599-3cdcd608b6c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "d0f2c79e-66d5-4a42-bce2-7381e01f1719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "02350ff5-5d34-4e90-a048-7e9af516b3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "cf807518-744a-424e-8714-e71753e0ad13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-11)", "content": "", "creation_timestamp": "2025-03-11T00:00:00.000000Z"}, {"uuid": "982cb1e0-82f7-4c0e-ae29-d7dd7a29c1c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "d3d5fa1a-fa82-4448-9b44-12e3463a345d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-08)", "content": "", "creation_timestamp": "2025-04-08T00:00:00.000000Z"}, {"uuid": "2a5a3fe2-8c60-4220-9dd1-ac300efc28fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-21)", "content": "", "creation_timestamp": "2025-05-21T00:00:00.000000Z"}, {"uuid": "a55bef2e-53cf-4e0f-85d1-7042f364115f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "811742cd-fc31-49f8-991f-4fd96b42ce20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-15)", "content": "", "creation_timestamp": "2025-04-15T00:00:00.000000Z"}, {"uuid": "345579c7-21d5-43d6-8da1-2809d6b8d42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-03)", "content": "", "creation_timestamp": "2025-06-03T00:00:00.000000Z"}, {"uuid": "3c477be0-7024-45b9-b26a-209313dba572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "4cee3555-f39a-41cf-ad73-3d573f8781ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "7b293b9a-1c19-4edd-b4c5-824cd0c4a1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "a3a6d143-dbec-409b-af58-f7b52781b0d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-05)", "content": "", "creation_timestamp": "2025-05-05T00:00:00.000000Z"}, {"uuid": "ba28a8c1-f2ba-4fa0-9564-71ef2f36b947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv72qy2x6q2f", "content": "", "creation_timestamp": "2025-07-30T16:40:15.398401Z"}, {"uuid": "ef3e207d-77b1-4551-b2b9-79cd34457de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-20)", "content": "", "creation_timestamp": "2025-05-20T00:00:00.000000Z"}, {"uuid": "d1e0d512-1da3-4bb6-baea-2fd2cee1046c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ivanti_epm_recordgoodapp_sqli_rce.rb", "content": "", "creation_timestamp": "2024-07-08T20:08:56.000000Z"}, {"uuid": "e2dea807-8b9b-4158-af28-513800a9d73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "2fa3d789-af12-4c8e-9039-36ca421650c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-05)", "content": "", "creation_timestamp": "2025-09-05T00:00:00.000000Z"}, {"uuid": "2d39b088-8928-4416-b8fb-b6e85624f8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "9895eb47-d95c-4891-a506-6bc0c876cf0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "159704b9-b62c-4797-84c2-227d6a1a4c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "4709cf27-37ce-4f8d-86a7-29160cfd690d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "d2856557-cff0-4c3b-9c5a-0243831735db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "4eccf678-125b-436f-9632-0e257950c91b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "638023cc-3740-4951-bc1a-8b83fde3116e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "2df6a7c1-03c2-4403-bc59-cec5cf0d2edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-15)", "content": "", "creation_timestamp": "2025-09-15T00:00:00.000000Z"}, {"uuid": "758e2292-76c3-4aef-b8f7-0fa409cc335c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://gist.github.com/jonathan-gruber-1/05724c8f2229fceca85cb5694e67abbd", "content": "", "creation_timestamp": "2026-02-13T10:12:10.000000Z"}, {"uuid": "4a483be0-36a0-4a2d-9c01-59e0a620ffd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "6d5235d3-a86c-4353-a937-941bcda0ffd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-28)", "content": "", "creation_timestamp": "2026-03-28T00:00:00.000000Z"}, {"uuid": "7ccd85cc-e42f-45ce-bc0c-ce26eb2f1b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e38675c-5d0e-4672-b2ef-4dfe9a786fbf", "content": "", "creation_timestamp": "2026-02-02T12:26:27.430335Z"}, {"uuid": "a08ece5f-a23e-4ca9-a5ad-902cda65a1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1300", "content": "", "creation_timestamp": "2024-05-24T04:00:00.000000Z"}, {"uuid": "5b878572-4295-4d92-86f2-80d78898c91c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/3651b195-292d-4150-b4a3-186bbc6fa128", "content": "", "creation_timestamp": "2024-10-21T08:27:33.229801Z"}, {"uuid": "c056d1b4-8e69-4c44-97ca-5e5616d9df42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "91cf0683-8ca2-47e0-bfd3-21275ba792d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7965", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2024-29824  - Ivanti EPM - Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-12T20:52:48.000000Z"}, {"uuid": "75ccd25c-f898-46ed-a075-154169ede741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://t.me/itsec_news/4463", "content": "\u200b\u26a1\ufe0f\u0421\u0440\u0430\u0437\u0443 \u043f\u044f\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Ivanti \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\n\n\ud83d\udcac21 \u043c\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043a\u0430\u043a Endpoint Manager, Avalanche, Neurons for ITSM, Connect Secure \u0438 Secure Access. \u0421\u0443\u043c\u043c\u0430\u0440\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 16 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u044b \u043a\u0440\u0430\u0442\u043a\u043e \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043d\u0438\u0436\u0435.\n\n\u0418\u0437 \u0434\u0435\u0441\u044f\u0442\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Endpoint Manager \u0448\u0435\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f\u043c\u0438 (CVE-2024-29822, CVE-2024-29823, CVE-2024-29824, CVE-2024-29825, CVE-2024-29826, CVE-2024-29827). \u041e\u043d\u0438 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9.6 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Endpoint Manager (CVE-2024-29828, CVE-2024-29829, CVE-2024-29830, CVE-2024-29846) \u0443\u0436\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \u042d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 8.4 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f Core \u0441\u0435\u0440\u0432\u0435\u0440 Ivanti EPM 2022 SU5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0412 \u043a\u043b\u0438\u0435\u043d\u0442\u0435 Ivanti Avalanche \u0432\u0435\u0440\u0441\u0438\u0438 6.4.3.602 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-29848 (CVSS 7.2), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f (CVE-2024-22059, CVSS 8.8) \u0438 \u043e\u0448\u0438\u0431\u043a\u0430 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-22060, CVSS 8.7) \u0432 Ivanti Neurons for ITSM, CRLF-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f \u0432 Ivanti Connect Secure (CVE-2023-38551, CVSS 8.2) \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Ivanti Secure Access: CVE-2023-38042, CVSS 7.8 (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Windows) \u0438 CVE-2023-46810, CVSS 7.3 (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Linux).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430, \u0447\u0442\u043e \u0443 \u043d\u0435\u0451 \u043d\u0435\u0442 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0441\u0435\u0445 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u043b\u0438 \u0438\u0445 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0422\u0430\u043a\u0436\u0435 \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u043b\u0443\u0447\u0448\u0438\u043c \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0434\u0438\u0442 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0442\u044c \u043f\u043b\u0430\u043d \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0439 \u0440\u0435\u0430\u043a\u0446\u0438\u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-24T23:27:46.000000Z"}, {"uuid": "87ab5a08-c778-401f-8234-91db44000d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "6c86d7f7-1871-4c29-b59a-af977515fd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/ton618cyber/5059", "content": "Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch\n\nCritical Ivanti Endpoint Manager flaw CVE-2024-29824 actively exploited. CISA urges immediate updates to secure networks\n\nthehackernews.com \u2022 Oct 3, 2024", "creation_timestamp": "2024-10-03T11:53:29.000000Z"}, {"uuid": "b9d4f8fd-fcf2-4086-b886-18f9c8adaa91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/kasperskyb2b/1441", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83e\udd2f \u041e\u0431\u044b\u0447\u043d\u043e \u043c\u044b \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u043c \u043d\u043e\u0432\u043e\u0441\u0442\u0438 APT \u0431\u0435\u0437 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432, \u043d\u043e \u0442\u0443\u0442 \u0443\u0436 \u0431\u043e\u043b\u044c\u043d\u043e \u0443\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u044e\u0436\u0435\u0442. WSJ \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a APT Salt Typhoon \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043d\u0443\u0436\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u0435\u0432, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0441\u0435\u0442\u044f\u0445 AT&amp;T, Verizon \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043e\u0432 \u0434\u043b\u044f \u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u043a\u0438 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u043c\u0438 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 (\u0430\u043d\u0430\u043b\u043e\u0433 \u0421\u041e\u0420\u041c). \u042d\u0442\u043e \u2014 \u0445\u043e\u0440\u043e\u0448\u0435\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043a\u043e\u0433\u043e-\u0442\u043e \u043e\u0434\u043d\u043e\u0433\u043e, \u0440\u0430\u043d\u043e \u0438\u043b\u0438 \u043f\u043e\u0437\u0434\u043d\u043e \u043e\u043d \u0431\u0443\u0434\u0435\u0442 \u0434\u043b\u044f \u0432\u0441\u0435\u0445.\n\n\ud83d\udc7d SIEM \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0435 \u0437\u043b\u043e\u0434\u0435\u0435\u0432: \u0432 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442 open source SIEM Wazuh. \u041a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433.\n\n\ud83d\ude2e Cloudflare \u043e\u0442\u0447\u0438\u0442\u0430\u043b\u0441\u044c \u043e \u0431\u043e\u0440\u044c\u0431\u0435 \u0441 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u0439 DDoS-\u0430\u0442\u0430\u043a\u043e\u0439 \u0430\u0436 \u043d\u0430 3,8 \u0422\u0431/\u0441.\n\n\ud83d\udc7e \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u044e\u0442 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u043c\u0438 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a. \u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0439\u0434\u0435\u043d\u043e \u0432 \u0421\u0428\u0410, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u0428\u0432\u0435\u0446\u0438\u0438, \u0441\u0430\u043c\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b \u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0435 \u2014 Asus \u0438 Qnap. \u041d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u043e\u0431\u0440\u0430\u0437\u0446\u044b \u0412\u041f\u041e GobRAT \u0438 Bulbature. \n\n\u0410 \u0412\u041f\u041e perfctl \u0443\u0436\u0435 \u0442\u0440\u0438 \u0433\u043e\u0434\u0430 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0430\u0435\u0442 Linux-\u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f 20 \u0442\u044b\u0441\u044f\u0447 \u043e\u0448\u0438\u0431\u043e\u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.  \u041f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0412\u041f\u041e \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u043c \u0438 \u0446\u0435\u043b\u044b\u043c \u043d\u0430\u0431\u043e\u0440\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u0442\u0440\u044e\u043a\u043e\u0432 \u0434\u043b\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0435\u0440.\n\n\u0412 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u043d\u0435\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 APT Mustang Panda, \u043d\u0430\u0448\u0451\u043b\u0441\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440, \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u0439 \u043d\u043e\u0432\u043e\u0439 \u043f\u043e\u0434\u0433\u0440\u0443\u043f\u043f\u0435, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 CeranaKeeper. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u04212 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438. \n\n\ud83d\udc6e\u200d\u2640\ufe0f\u041a\u0440\u0430\u0442\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439 \u0438 \u0430\u0442\u0430\u043a Akira ransomware: TTP, IoC, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0445\u0430\u043d\u0442\u0438\u043d\u0433\u0443.\n\n\u2328\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 CyberVolk, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u043b\u0430 \u0441 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0437\u043c\u0430, \u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 ransomware.\n\n\ud83d\ude93 \u041e\u043a\u043e\u043b\u043e 5% \u0432\u0441\u0435\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0449\u0438\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Magento/Adobe Commerce, \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u044d\u0442\u0438\u043c \u043b\u0435\u0442\u043e\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u0435\u0431-\u0441\u043a\u0438\u043c\u043c\u0435\u0440 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043e\u043f\u043b\u0430\u0442\u044b. \u0420\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u043f\u0435\u0440\u0435\u0433\u043e\u043d\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2024-34102 (CosmicSting).\n\n\ud83c\udf44 FIN7 \u043b\u043e\u0432\u0438\u0442 \u043d\u0430 \u043a\u043b\u0443\u0431\u043d\u0438\u0447\u043a\u0443: \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 NetSupport RAT \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u0438\u043f\u0444\u0435\u0439\u043a-\u043e\u0431\u043d\u0430\u0436\u0451\u043d\u043a\u0438.\n\n\ud83d\udcf1 \u0410 \u0432 App Store \u0438 Google Play \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0439\u0434\u0438\u043d\u0433\u0430 \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0438\u0434\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0445\u0435\u043c pig butchering.\n\n\ud83c\udf83\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432: StealC (\u0430\u0436 \u0432 \u0442\u0440\u0451\u0445 \u0447\u0430\u0441\u0442\u044f\u0445) \u0438 Amnesia.\n\n\ud83d\udc40 \u041d\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u0435\u0436\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:  CVE-2024-29824 \u0432 Ivanti Endpoint Manager \u0438 CVE-2024-45519 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Zimbra.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-10-07T15:36:21.000000Z"}, {"uuid": "6be242a8-e291-489d-9815-90d90de1540c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/22614", "content": "The Hacker News\nIvanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.\n\"An", "creation_timestamp": "2024-10-03T09:46:10.000000Z"}, {"uuid": "5af8f6ab-9e74-4ed9-a37d-bcb243f66190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/ton618cyber/1669", "content": "Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch\n\nCritical Ivanti Endpoint Manager flaw CVE-2024-29824 actively exploited. CISA urges immediate updates to secure networks\n\nthehackernews.com \u2022 Oct 3, 2024", "creation_timestamp": "2024-10-03T11:53:30.000000Z"}, {"uuid": "404ebdf0-c796-41d2-b8cb-e9384f6dde43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "Telegram/eJtGriD7yjftmqX8cb61ha92G0P951r8LcSl9__qz1v57g", "content": "", "creation_timestamp": "2024-10-03T09:46:09.000000Z"}, {"uuid": "8a12d7a0-8293-41ca-ad01-2fb0fe2d490c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/2399", "content": "\u200aCVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability\n\nhttps://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/", "creation_timestamp": "2024-06-13T14:20:10.000000Z"}, {"uuid": "174ba22a-6f95-4fe0-a958-551b01be35b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6473", "content": "\u200aCVE-2024-29824 : Exploring The Remote Code Execution Vulnerability In Ivanti EPM\n\nhttps://kalilinuxtutorials.com/cve-2024-29824/", "creation_timestamp": "2024-07-18T10:13:02.000000Z"}, {"uuid": "521bf4c8-c74b-443e-970a-38320e0cf995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/458", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:45.000000Z"}, {"uuid": "15958bfe-1d2f-489a-8779-ed869af70676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "Telegram/Hmr6fqeZ-Bd9_osPqYKKwqnyGdxlXfpY1G4FW0vImI1xww", "content": "", "creation_timestamp": "2024-10-03T18:39:16.000000Z"}, {"uuid": "f0caeb28-1547-4e10-9648-c612d37bd92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/374", "content": "\ud83d\udda5 CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection RCE\n\nIvanti Endpoint Manager (EPM) - \u044d\u0442\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438\n\nhttps://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/\n\n\ud83d\udcbb PoC\n\n#sqli #cve #ivanti #poc\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-10-05T11:43:45.000000Z"}, {"uuid": "4542fa5e-de47-4cbf-8496-0a47c049fbcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/397", "content": "PoC RELEASED: Mass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)", "creation_timestamp": "2024-07-14T02:53:07.000000Z"}, {"uuid": "145ae120-2a46-4350-a91e-e4c1214cdee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8306", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "c0d1441e-b829-475d-9337-24d1983d9b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/KomunitiSiber/2669", "content": "Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch\nhttps://thehackernews.com/2024/10/ivanti-endpoint-manager-flaw-actively.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.\n\"An", "creation_timestamp": "2024-10-03T15:20:42.000000Z"}, {"uuid": "a5b54dd9-b42e-48c7-ae36-cb912fbbe4ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/4825", "content": "The Hacker News\nIvanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.\n\"An", "creation_timestamp": "2024-10-03T09:46:10.000000Z"}, {"uuid": "24441c41-e3ec-42e2-aedd-77f516ef2dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7003", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "f3a81e62-1004-422f-b199-cb9889eaa77e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3474", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:56.000000Z"}, {"uuid": "6952c7e7-22a5-4e2b-86e9-986a73bf214f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "Telegram/eTYVLho8XT-R-Jb2Z1yGGNQHhhxgfusckc3EZiCKbkqcmG8", "content": "", "creation_timestamp": "2024-10-04T12:52:44.000000Z"}, {"uuid": "d41d94af-cad7-4f33-bd96-bd655a9c1665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3412", "content": "PoC RELEASED: Mass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)", "creation_timestamp": "2024-07-14T11:22:44.000000Z"}, {"uuid": "9dab8d67-685c-4721-936b-41e74f4c24a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "seen", "source": "https://t.me/proxy_bar/2166", "content": "CVE-2024-29824\n*\nIvanti EPM - Remote Code Execution\n*\nMass exploit", "creation_timestamp": "2024-07-14T08:33:30.000000Z"}, {"uuid": "2c45d202-fee4-49d4-b4a2-418cd81346f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8813", "content": "CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability \u2013 Horizon3.ai\n\nhttps://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/", "creation_timestamp": "2024-06-12T19:38:19.000000Z"}, {"uuid": "c46a765f-b549-467e-a0e1-90df0533c89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1502", "content": "New ivanti endpoint manager rce exploit. \n\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "adeb0b3b-7ad3-4931-a53e-5f04ac1a144b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"}, {"uuid": "4f16496e-4c90-49b8-9596-5970aca39bcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5856", "content": "\u041f\u043e\u0434 \u043a\u043e\u043d\u0435\u0446 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0441\u043f\u0435\u043b\u0438 PoC \u0434\u043b\u044f \u0440\u0430\u0437\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u0435\u0442 PoC \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Veeam Recovery Orchestrator \u0432\u0435\u0440\u0441\u0438\u0439 7.0.0.337 \u0438 7.1.0.205 \u0438 \u0441\u0442\u0430\u0440\u0448\u0435,\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-29855 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.0 \u043f\u043e CVSS v3.1.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u043e\u0439\u0442\u0438 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 VRO \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0421\u0438\u043d\u0430 \u0425\u0435\u0439\u0440\u043a\u0445\u0430\u0445, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0441\u0430\u0439\u0442\u0435.\n\n\u0410 \u0432\u043e\u0442 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0430\u044f Qrator Labs \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043a\u043e\u0434\u043e\u043c PoC \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset (CVE-2023-44487).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c CertiK SkyFall \u0412\u0430\u043d \u0422\u0438\u043b\u0435\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u0434\u043b\u044f CVE-2024-27801, \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NSXPC \u0432 macOS \u0438 iOS \u043e\u0442 Apple.\n\n\u041e\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0434\u0435\u0441\u044f\u0442\u044c \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434. Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.\n\nHorizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-29824, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL \u0432 Ivanti EPM.\n\n\u041f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0439\u00a0\u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n\u0412\u044b\u0448\u043b\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024\u20134956) \u0432 Sonatype Nexus. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.", "creation_timestamp": "2024-06-14T14:23:44.000000Z"}, {"uuid": "b44b6266-afff-4089-9b97-33c3314a7678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "exploited", "source": "https://t.me/thehackernews/5679", "content": "\ud83d\udd25 Critical SQL Injection vulnerability (CVE-2024-29824) in Ivanti EPM is actively exploited! \n \nCVSS 9.6\u2014unauthenticated attackers can execute code remotely. Federal agencies must patch by Oct 23. \n \nFind details here: https://thehackernews.com/2024/10/ivanti-endpoint-manager-flaw-actively.html", "creation_timestamp": "2024-10-03T08:10:26.000000Z"}, {"uuid": "817192c3-3bf2-4918-bfe8-d942bfa8b0b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29824", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10668", "content": "#exploit\n1. CVE-2024-0190:\nRRJ NUEVA ECIJA Engineer XSS Exploit\nhttps://github.com/codeb0ss/CVE-2024-0190-PoC\n\n2. CVE-2024-29824:\nIvanti EPM SQL Injection RCE\nhttps://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability\n\n3. CVE-2024-1698:\nWordpress NotificationX &lt;=2.8.2 - SQLI\nhttps://github.com/codeb0ss/CVE-2024-1698-PoC", "creation_timestamp": "2024-06-14T10:03:51.000000Z"}]}