Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on 03 August 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have been classified as malicious, with the IPs originating from the United States, Canada, Russia, and the Netherlan
Cisco Talos recently uncovered a sophisticated attack campaign targeting Japanese organizations through CVE-2024-4577 [1], a critical PHP-CGI remote code execution flaw with 79 exploits available. While Talos focused on victimology and attacker tradecraft, GreyNoise telemetry reveals a wider exploitation pattern demanding immediate action from defenders globally.
Attack Overview - According to Cisco Talos, the threat actor exploited PHP-CGI installations on Windows systems to deploy Cobalt Strik