Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign
Attack Report
Summary
An active campaign dubbed “Bleed You” is exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-34721, in Windows Internet Key Exchange (IKE) Protocol Extensions to enable follow-on malware and ransomware attacks and lateral movement across the network. The attack targeted vulnerable Windows operating systems, servers, protocols, and services.