Tag
high
advisory
State-Sponsored Actors Leveraging Vulnerabilities and Identity for Persistent Access (2025)
2 rules 6 TTPsIn 2025, state-sponsored actors from China, Russia, North Korea, and Iran leveraged vulnerabilities and identity compromise for initial access, focusing on persistence for long-term espionage or disruption.
state-sponsored
apt
persistence
vulnerability-exploitation
2r
6t
high
advisory
Multiple Network Intrusion Attempts Detected
3 rules 2 TTPs 8 IOCsMultiple network-based intrusion attempts were detected on 2026-03-14, targeting PHP information exposure, Fortigate VPN exploitation, sensitive file access, and credential exposure.
network-intrusion
vulnerability-exploitation
information-disclosure
3r
2t
8i
medium
advisory
KRVTZ-NET IDS Alerts Analysis: Network Scanning and Exploitation Attempts
3 rules 4 TTPs 13 IOCsMultiple IDS alerts indicate potential network reconnaissance, vulnerability exploitation attempts targeting Fortigate VPN (CVE-2023-27997), and ColdFusion servers originating from various IP addresses on March 13, 2026.
network-scanning
vulnerability-exploitation
fortigate
coldfusion
cve-2023-27997
3r
4t
13i