Experience the power of our SaaS-based platform today by signing up for a Free Trial

Threat Advisories

Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign

November 30, 2022

Threat Level

Red

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

An active “Bleed You” campaign is leveraging a critical RCE (CVE-2022-34721) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions to assist subsequent malware and ransomware assaults and lateral network movement. This attack targeted vulnerable Windows operating systems, servers, protocols, and services.

A new strain of Punisher ransomware

How ScarCruft APT group enhances its toolkit with a powerful Dolphin backdoor