Tag
critical
advisory
Ivanti VTM Administrator Account Creation via CVE-2024-7593
2 rules 2 TTPs 1 CVEUnauthenticated remote attackers are exploiting CVE-2024-7593 in Ivanti Virtual Traffic Manager (vTM) to bypass authentication and create new administrator accounts, potentially leading to full system compromise.
Ivanti Virtual Traffic Manager
ivanti
cve-2024-7593
authentication-bypass
account-creation
2r
2t
1c
low
advisory
Windows User Account Creation via net.exe
3 rules 2 TTPsAttackers may create new accounts on Windows systems using `net.exe` to maintain access and establish persistence, which this detection identifies.
Windows
persistence
account-creation
3r
2t
medium
advisory
Cisco ASA - New Local User Account Creation
2 rules 2 TTPsDetection of new user account creations on Cisco ASA devices, potentially indicating unauthorized access or persistence attempts by adversaries.
Cisco ASA
cisco-asa
account-creation
persistence
2r
2t