Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign

Threat Level
Attack Report

Summary

An active “Bleed You” campaign is exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-34721, in Windows Internet Key Exchange (IKE) Protocol Extensions to facilitate subsequent malware and ransomware attacks and lateral movement across the network. The campaign targeted vulnerable Windows operating systems, servers, protocols, and services.