Last year, a command injection vulnerability, CVE-2023-1389, was disclosed, and a fix was developed for the web management interface of the TP-Link Archer AX21 (AX1800). FortiGuard Labs has developed an IPS signature to tackle this issue. Recently, they observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant. Peaks caused by these threats are evident in the following figure. The below r
ir-24-108-001 (2)
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated