{"vulnerability": "CVE-2024-5806", "sightings": [{"uuid": "c8dc4831-6979-47b3-8b9f-6ecf662a6b34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1420", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8Exploit for Progress MOVEit Transfer CVE-2024-5806\n\nhttps://x.com/DarkWebInformer/status/1805979565132599462\n\nhttps://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806", "creation_timestamp": "2024-06-26T17:34:12.000000Z"}, {"uuid": "f14ebccd-2a2c-41ea-b02e-1bde9113f913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "92adb062-0c68-400c-a4d7-2a33a21521d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:05.000000Z"}, {"uuid": "5455d753-656a-425e-badb-ed5376c8ea94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://bsky.app/profile/it-administrator.de/post/3lomj6ipl6w2c", "content": "", "creation_timestamp": "2025-05-07T23:06:37.523604Z"}, {"uuid": "633aebb4-d9d3-4964-8e9b-73c74ff8452d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://t.me/exploits666/23", "content": "Move it transfer exploit update: 
22/11/24 stay tuned until then.\nMOVEit Transfer CVE-2024-5806\nWill make this AUTO and will make it attack in bulk as I know what your requirements are ^_^ if you want me to add anything custom to exploit DM now !!!!", "creation_timestamp": "2024-11-21T23:19:44.000000Z"}, {"uuid": "25e1302f-65ec-4825-ba6b-1a2f702a65a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "2f99441d-6419-4c16-91d4-8ab3af31b6cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/progress_moveit_sftp_fileread_cve_2024_5806.rb", "content": "", "creation_timestamp": "2024-07-08T15:29:44.000000Z"}, {"uuid": "8624f532-f1f0-46b8-9b33-4e8874131204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/1dca9c72-3904-4b4f-b553-ba8d0b505998", "content": "", "creation_timestamp": "2024-11-12T17:22:11.893255Z"}, {"uuid": "4dddf7ed-2017-4c8f-8027-7c6c1bf00c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/527", "content": "#Offensive_security\n1. Remote Kerberos Relay Framework\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n2. Compromising MSSQL Databases by Relaying\nhttps://lsecqt.github.io/Red-Teaming-Army/active-directory/compromising-mssql-databases-by-relaying\n3. Auth. 
Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)\nhttps://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806", "creation_timestamp": "2024-06-26T09:50:07.000000Z"}, {"uuid": "f2c40211-07f8-4124-8512-4935164e4027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "Telegram/DxGHCqfwG_bYacNrIebxQTeoU9o7IKAvZUNWxqMmMo_93w", "content": "", "creation_timestamp": "2024-11-21T23:20:14.000000Z"}, {"uuid": "092f31de-a5b6-457a-8677-9afd4eb7cd7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "Telegram/FXawtTBermqd5TQqAIahI87sLvuzqeKtvZa9UkgxVmA63A", "content": "", "creation_timestamp": "2024-06-26T20:10:04.000000Z"}, {"uuid": "a392478c-3eaf-4b90-8f93-e69a953fcda2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "Telegram/ZKiV0PkOKg-ChIDn8lFaC_KbA55kpW-hEmEwnxB8vEkHgc8", "content": "", "creation_timestamp": "2024-06-26T18:17:28.000000Z"}, {"uuid": "fd610ec9-7c0d-418b-9fda-59f04f97cddc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "Telegram/LZ7XOPRoqwALVNc8I3LUwpNf-8CJ2PR-4TjRcjv0Z8qsO3g", "content": "", "creation_timestamp": "2025-03-09T04:00:07.000000Z"}, {"uuid": "6e0612e8-e485-46d9-83cb-c8e7fa999e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/HackingInsights/3754", 
"content": "\u200aCVE-2024-5806: MOVEit Transfer Vulnerability Under Active Exploit, PoC Published\n\nhttps://securityonline.info/cve-2024-5806-moveit-transfer-vulnerability-under-active-exploit-poc-published/", "creation_timestamp": "2024-06-27T04:28:28.000000Z"}, {"uuid": "1781adb9-4e72-42b2-a3a8-1f64c893e7f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/13384", "content": "The Hacker News\nNew MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP!\n\nA newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed.\nThe vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions -\n\nFrom 2023.0.0 before 2023.0.11\nFrom 2023.1.0 before 2023.1.6, and", "creation_timestamp": "2024-06-26T20:10:05.000000Z"}, {"uuid": "dc4942e2-6932-462f-a04f-58e537002f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/311", "content": "Tools - Hackers Factory \n\nYour best friend in credential reuse attacks\n\nhttps://github.com/D4Vinci/Cr3dOv3r\n\nA classic Anti-Sandbox technique \n\nhttps://github.com/knight0x07/onMouseMove-HtmlFile-PoC\n\nA metasploit module for CVE-2024-5806 in the pull queue\n\nhttps://github.com/rapid7/metasploit-framework/pull/19295\n\nAn automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.\n\nhttps://github.com/h4r5h1t/webcopilot\n\nDeobfuscator 
Code\n\nhttps://github.com/ergrelet/themida-unmutate\n\nExperimental Windows x64 Kernel Rootkit\n\nhttps://github.com/eversinc33/Banshee\n\nNice write up on exploiting CVE-2022-4262, Google Chrome V8 type confusion\n\nhttps://github.com/bjrjk/CVE-2022-4262\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nQuickly find differences and similarities in disassembled code\n\nhttps://github.com/google/bindiff\n\nA collaborative, multi-platform, red teaming framework\n\nhttps://github.com/its-a-feature/Mythic\n\nxyrella is a simple XLL builder without any remote injection functionality\n\nhttps://github.com/zimnyaa/xyrella\n\nStandalone client for proxies of Opera VPN\n\nhttps://github.com/Snawoot/opera-proxy\n\n#HackersFactory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-07-02T07:40:02.000000Z"}, {"uuid": "fdfea61e-3df8-4c18-850f-f4f17721a493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://t.me/CyberDilara/266", "content": "Top 5 Trending CVEs:\n\n    1 - CVE-2024-5806\n    2 - CVE-2024-34102\n    3 - CVE-2024-23958\n    4 - CVE-2024-37032\n    5 - CVE-2024-21338\n\n#cve #cvetrends #cveshield #cybersecurity", "creation_timestamp": "2024-06-27T02:35:30.000000Z"}, {"uuid": "8a005fb1-dd1a-4198-a30d-8db65d3ebada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "Telegram/ipjpDYeJYpkr0-KCaH9ZTh3O_pYjZtSTn69rRFBOcQY8YEY", "content": "", "creation_timestamp": "2024-08-06T23:48:46.000000Z"}, {"uuid": "b963457f-c5ee-48e1-bd08-a79424563375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": 
"exploited", "source": "https://t.me/KomunitiSiber/2168", "content": "New MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP!\nhttps://thehackernews.com/2024/06/new-moveit-transfer-vulnerability-under.html\n\nA newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed.\nThe vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions -\n\nFrom 2023.0.0 before 2023.0.11\nFrom 2023.1.0 before 2023.1.6, and", "creation_timestamp": "2024-06-26T17:23:55.000000Z"}, {"uuid": "e40dedb7-f247-4374-bafa-1f80cdcbf5b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/IntrusionExploit/142", "content": "Auth. Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)\n\nCVSS: 9.1 (CRITICAL) Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.\n\nExploit: https://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806\n\nThis issue affects MOVEit Transfer:\nfrom 2023.0.0 before 2023.0.11,\nfrom 2023.1.0 before 2023.1.6,\nfrom 2024.0.0 before 2024.0.2.\n\nQuery:\nHunter: /product.name=\"MOVEit Transfer\"\nFOFA: app=\"Progress-MOVEit\"\nSHODAN: product:\"MOVEit Transfer\"", "creation_timestamp": "2024-06-26T08:10:26.000000Z"}, {"uuid": "a4d739e4-5772-4ebd-ba35-04c60b58bd14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "Telegram/Yxhs8h6mKAoWafP_On7lFqRLf-ixdyRPTppdTWRlXLo7BQ", "content": "", "creation_timestamp": "2024-06-26T18:06:18.000000Z"}, {"uuid": 
"ec3da17f-7ff6-4c69-a6b8-ba0497dbb65a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2655", "content": "The Hacker News\nNew MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP!\n\nA newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed.\nThe vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions -\n\nFrom 2023.0.0 before 2023.0.11\nFrom 2023.1.0 before 2023.1.6, and", "creation_timestamp": "2024-06-26T20:10:05.000000Z"}, {"uuid": "155ee6c7-cc8b-4088-8520-3e17b2119dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3368", "content": "Tools - Hackers Factory \n\nYour best friend in credential reuse attacks\n\nhttps://github.com/D4Vinci/Cr3dOv3r\n\nA classic Anti-Sandbox technique \n\nhttps://github.com/knight0x07/onMouseMove-HtmlFile-PoC\n\nA metasploit module for CVE-2024-5806 in the pull queue\n\nhttps://github.com/rapid7/metasploit-framework/pull/19295\n\nAn automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.\n\nhttps://github.com/h4r5h1t/webcopilot\n\nDeobfuscator Code\n\nhttps://github.com/ergrelet/themida-unmutate\n\nExperimental Windows x64 Kernel Rootkit\n\nhttps://github.com/eversinc33/Banshee\n\nNice write up on exploiting CVE-2022-4262, Google Chrome V8 type confusion\n\nhttps://github.com/bjrjk/CVE-2022-4262\n\nRemote Kerberos Relay made easy! 
Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nQuickly find differences and similarities in disassembled code\n\nhttps://github.com/google/bindiff\n\nA collaborative, multi-platform, red teaming framework\n\nhttps://github.com/its-a-feature/Mythic\n\nxyrella is a simple XLL builder without any remote injection functionality\n\nhttps://github.com/zimnyaa/xyrella\n\nStandalone client for proxies of Opera VPN\n\nhttps://github.com/Snawoot/opera-proxy\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-02T07:39:25.000000Z"}, {"uuid": "708dbd80-7a0e-43b9-90cc-f43d7cf62478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8117", "content": "Tools - Hackers Factory \n\nYour best friend in credential reuse attacks\n\nhttps://github.com/D4Vinci/Cr3dOv3r\n\nA classic Anti-Sandbox technique \n\nhttps://github.com/knight0x07/onMouseMove-HtmlFile-PoC\n\nA metasploit module for CVE-2024-5806 in the pull queue\n\nhttps://github.com/rapid7/metasploit-framework/pull/19295\n\nAn automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.\n\nhttps://github.com/h4r5h1t/webcopilot\n\nDeobfuscator Code\n\nhttps://github.com/ergrelet/themida-unmutate\n\nExperimental Windows x64 Kernel Rootkit\n\nhttps://github.com/eversinc33/Banshee\n\nNice write up on exploiting CVE-2022-4262, Google Chrome V8 type confusion\n\nhttps://github.com/bjrjk/CVE-2022-4262\n\nRemote Kerberos Relay made easy! 
Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nQuickly find differences and similarities in disassembled code\n\nhttps://github.com/google/bindiff\n\nA collaborative, multi-platform, red teaming framework\n\nhttps://github.com/its-a-feature/Mythic\n\nxyrella is a simple XLL builder without any remote injection functionality\n\nhttps://github.com/zimnyaa/xyrella\n\nStandalone client for proxies of Opera VPN\n\nhttps://github.com/Snawoot/opera-proxy\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-02T08:13:33.000000Z"}, {"uuid": "ed64e061-dc84-4c97-b2f5-bf286080a5b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/true_secator/5902", "content": "Researchers report that exploitation of the recently patched critical CVE-2024-5806 in MOVEit Transfer has begun.\n\nJust this week, Progress Software announced fixes for two critical authentication bypass vulnerabilities, CVE-2024-5805 and CVE-2024-5806, 
affecting MOVEit Transfer.\n\nBoth are described as improper authentication issues in the SFTP module of the MOVEit Transfer product.\n\nCVE-2024-5806 is fixed with the release of MOVEit Transfer versions 2023.0.11, 2023.1.6 and 2024.0.2. CVE-2024-5805 affects only version 2024.0.0 and is fixed in the release of version 2024.0.1. \n\nMoreover, in its advisory for CVE-2024-5806, Progress noted that a recently identified vulnerability in a third-party component increases the risk of this CVE. 
The company shared mitigation measures until a patch becomes available.\n\nIn turn, WatchTowr published technical details for CVE-2024-5806 and demonstrated how to use it to gain access to a vulnerable system.\n\nIn addition, WatchTowr also uncovered a second vulnerability, which affects the IPWorks SSH server library used by MOVEit Transfer.\n\nThe library is susceptible to a forced 
authentication vulnerability, which likely affects all applications that use it, potentially allowing full system compromise.\n\nShortly after the details were published, the Shadowserver Foundation reported attempts to exploit CVE-2024-5806.\n\nHowever, Rapid7 noted in its blog that although Shadowserver recorded exploitation attempts in its honeypots, honeypot activity does not always correlate with 
threat activity in real production environments.\n\nNevertheless, Shadowserver reports that about 1700 MOVEit Transfer instances are exposed on the Internet, most of them located in North America.\n\nAnd according to Censys there are 2700 of them, most of which are also in the US, followed by the United Kingdom and Germany.\n\nAnd this number, researchers note, matches the number of victims 
of the previous Cl0p incident. Coincidence?", "creation_timestamp": "2024-06-26T16:35:06.000000Z"}, {"uuid": "58a7ecea-8466-4ef7-8a99-4ff0ad9eee19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6843", "content": "Tools - Hackers Factory \n\nYour best friend in credential reuse attacks\n\nhttps://github.com/D4Vinci/Cr3dOv3r\n\nA classic Anti-Sandbox technique \n\nhttps://github.com/knight0x07/onMouseMove-HtmlFile-PoC\n\nA metasploit module for CVE-2024-5806 in the pull queue\n\nhttps://github.com/rapid7/metasploit-framework/pull/19295\n\nAn automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.\n\nhttps://github.com/h4r5h1t/webcopilot\n\nDeobfuscator Code\n\nhttps://github.com/ergrelet/themida-unmutate\n\nExperimental Windows x64 Kernel Rootkit\n\nhttps://github.com/eversinc33/Banshee\n\nNice write up on exploiting CVE-2022-4262, Google Chrome V8 type confusion\n\nhttps://github.com/bjrjk/CVE-2022-4262\n\nRemote Kerberos Relay made easy! 
Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nQuickly find differences and similarities in disassembled code\n\nhttps://github.com/google/bindiff\n\nA collaborative, multi-platform, red teaming framework\n\nhttps://github.com/its-a-feature/Mythic\n\nxyrella is a simple XLL builder without any remote injection functionality\n\nhttps://github.com/zimnyaa/xyrella\n\nStandalone client for proxies of Opera VPN\n\nhttps://github.com/Snawoot/opera-proxy\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-02T08:13:33.000000Z"}, {"uuid": "d92a26c0-219d-46c8-8a57-1db36534c784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://t.me/GrayHatsHack/6811", "content": "Top 5 Trending CVEs:\n\n    1 - CVE-2024-5806\n    2 - CVE-2024-34102\n    3 - CVE-2024-23958\n    4 - CVE-2024-37032\n    5 - CVE-2024-21338\n\n#cve #cvetrends #cveshield #cybersecurity", "creation_timestamp": "2024-06-27T05:11:41.000000Z"}, {"uuid": "5e080f6c-deab-4040-ba40-0add1c2e1f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://t.me/true_secator/6472", "content": "Researchers from Kaspersky's GReAT team have summed up the results of their analysis of predictions 
regarding changes in the threat landscape related to APT activity in 2024.\n\nThe researchers were tracking more than 900 groups. Practically all verdicts on the trends declared at the end of last year are in Kaspersky's favor: the predictions on the whole came true.\n\nIn short, Kaspersky experts managed to predict that:\n\n1. 
The number of inventive attacks on mobile, wearable and smart devices increased. Following Operation Triangulation, attacks using exploits for Apple devices continued in 2024.\n\nFor example, in January the vulnerability CVE-2024-23222 in the Safari browser engine may have been used in cyberattacks, and in the autumn information appeared about two new exploits that were probably used in the 
wild: CVE-2024-23225 in the XNU kernel and CVE-2024-23296 in RTKit.\n\nAndroid-based devices also remain in the focus of APT groups. In November Google reported two vulnerabilities that may have been exploited in limited targeted attacks: CVE-2024-43093 and CVE-2024-43047. \n\n2. 
Recent raids to neutralize C2 servers have led some APT groups to start building their own botnets to carry out cyberattacks.\n\nIn 2024 several Chinese-speaking groups used botnets for targeted attacks. One of them is Quad7, based on compromised routers; the other is KV-Botnet, deployed on vulnerable firewalls, routers and IP cameras.\n\n3. 
\u0421\u0442\u0430\u043b\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u044f\u0434\u0440\u0430 (\u0440\u0443\u0442\u043a\u0438\u0442\u044b \u0440\u0435\u0436\u0438\u043c\u0430 \u044f\u0434\u0440\u0430 \u0441\u043d\u043e\u0432\u0430 \u0432 \u0434\u0435\u043b\u0435). \u0412 2024\u00a0\u0433\u043e\u0434\u0443 \u0442\u0435\u0445\u043d\u0438\u043a\u0430 BYOVD, \u043e\u0441\u0442\u0430\u0432\u0430\u044f\u0441\u044c \u0441\u0430\u043c\u044b\u043c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044f\u0434\u0440\u0443, \u0438 \u0441\u0442\u0430\u043b\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0434\u0430\u0436\u0435 \u0447\u0430\u0449\u0435 (\u0440\u043e\u0441\u0442 \u043d\u0430 23%). \n\n4. \u0421 \u043a\u0430\u0436\u0434\u044b\u043c \u0433\u043e\u0434\u043e\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043e\u043f\u044b\u0442\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0441\u0442\u0438, \u0438 2024\u00a0\u0433\u043e\u0434 \u043d\u0435 \u0441\u0442\u0430\u043b \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c. 
\u0412 \u043f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430\u00a0\u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u00a0\u0440\u043e\u0441\u0442 \u043d\u0430 25% \u0447\u0438\u0441\u043b\u0430 APT-\u0430\u0442\u0430\u043a.\n\n5. \u041a\u0430\u043a \u043c\u044b \u0438 \u043e\u0436\u0438\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0441\u044f \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f \u043d\u0430 \u0444\u043e\u043d\u0435 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u043e\u0432. \u041e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c:\u00a0Twelve, Head Mare \u0438 Crypt Ghouls, BlackMeta.\n\n6. 
\u0421 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0433\u0435\u043d\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0418\u0418 \u043c\u043d\u043e\u0433\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043a\u0430\u043a \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435, \u0442\u0430\u043a \u0438 \u0441\u043f\u043e\u043d\u0441\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0430\u043c\u0438, \u043d\u0430\u0447\u0430\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a. \u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 -\u00a0\u043d\u0435\u0443\u0434\u0430\u0447\u043d\u0430\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 KnowBe4.\n\n7. 
\u041d\u043e\u0432\u044b\u0445 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0447\u0435\u0440\u0435\u0437 MFT-\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 MFT: CVE-2024-0204 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 GoAnywhere MFT \u0438 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0430\u044f CVE-2024-5806 \u0432 MOVEit Transfer.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u044b \u043f\u043e \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u043c \u0443\u0433\u0440\u043e\u0437\u0430\u043c \u043d\u0430 2025\u00a0\u0433\u043e\u0434 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442:\n\n- \u0410\u043b\u044c\u044f\u043d\u0441\u044b \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442\u043e\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0442\u044c\u0441\u044f\n- APT-\u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0443\u0434\u0443\u0442 \u0447\u0430\u0449\u0435 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 IoT\n- \u0420\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0432 
\u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c\n- \u041f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043e\u0432 \u043d\u0430 \u044f\u0437\u044b\u043a\u0430\u0445 C++ \u0438 Go \u0434\u043b\u044f \u0430\u0434\u0430\u043f\u0442\u0430\u0446\u0438\u0438 \u043a \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c\n- \u0411\u043e\u043b\u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0418\u0418 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u043f\u0440\u0438 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435\n- APT-\u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0443\u0434\u0443\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u0438\u043f\u0444\u0435\u0439\u043a\u0430\u043c\u0438\n- \u0411\u044d\u043a\u0434\u043e\u0440\u044b \u0432 \u043c\u043e\u0434\u0435\u043b\u044f\u0445 \u0418\u0418\n- \u0420\u043e\u0441\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0442\u0438\u043f\u0430 BYOVD \u0432 APT-\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445\n\n\u0411\u0443\u0434\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c.", "creation_timestamp": "2024-11-26T11:40:16.000000Z"}, {"uuid": "f8a7b420-6a7f-4614-956f-642c534fdec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/club31337/2249", "content": "https://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806\n\nPoC: https://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806 \n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:28:59.000000Z"}, {"uuid": "378a80bc-7e00-4a00-9aac-0a43f98d5f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/thehackernews/5176", "content": "\ud83d\udea8 Critical security flaw discovered in Progress Software's MOVEit Transfer. \n \nCVE-2024-5806 allows authentication bypass and is already being exploited. Update now to protect your systems. \n \nRead details: https://thehackernews.com/2024/06/new-moveit-transfer-vulnerability-under.html", "creation_timestamp": "2024-06-26T17:00:30.000000Z"}, {"uuid": "90310bdb-f9fb-4aa7-9f0d-0dd9cacdfeb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10739", "content": "#Offensive_security\n1. Remote Kerberos Relay Framework\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n2. Compromising MSSQL DB by Relaying\nhttps://lsecqt.github.io/Red-Teaming-Army/active-directory/compromising-mssql-databases-by-relaying\n3. Auth. 
Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)\nhttps://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806", "creation_timestamp": "2024-06-27T02:38:51.000000Z"}, {"uuid": "70942820-d2ad-49c4-a575-a1ecab8679ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "exploited", "source": "https://t.me/information_security_channel/52442", "content": "Exploitation Attempts Target New MOVEit Transfer Vulnerability\nhttps://www.securityweek.com/exploitation-attempts-target-new-moveit-transfer-vulnerability/\n\nExploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started.\nThe post Exploitation Attempts Target New MOVEit Transfer Vulnerability (https://www.securityweek.com/exploitation-attempts-target-new-moveit-transfer-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-06-26T14:44:56.000000Z"}, {"uuid": "2aeb7b43-81ed-462b-8548-8817db85dab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8861", "content": "Auth. 
Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)\n\nhttps://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806/", "creation_timestamp": "2024-06-26T08:52:56.000000Z"}, {"uuid": "29ff0eaf-8214-4634-9122-70c282ef4528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2739", "content": "https://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806\n\nExploit for the CVE-2024-5806\n#github  #exploit", "creation_timestamp": "2024-06-29T18:06:18.000000Z"}, {"uuid": "3e49a9fc-a3ec-443b-aee0-650838c6881e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5806", "type": "seen", "source": "https://t.me/club31337/2253", "content": "https://www.helpnetsecurity.com/2024/06/25/cve-2024-5805-cve-2024-5806/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:28:59.000000Z"}]}