Type
Campaign
Actors
UNC5174
Pub. date
March 22, 2024
Initial access
1-day vulnerability
Impact
Data exfiltration
Observed techniques
Vulnerability exploitation
Observed tools
SUPERSHELLSNOWLIGHTGOHEAVY
Targeted technologies
ConnectWise ScreenConnectF5 BIG IPConfluence Server
References
https://www.mandiant.com/resources/blog/initial-access-brokers-exploit-f5-screenconnect
Status
Finalized
Last edited
Jun 2, 2024 12:00 PM