Tag
Adversaries Leveraging AI for Vulnerability Exploitation and Augmented Operations
2 rules 3 TTPsThreat actors are leveraging AI to enhance vulnerability discovery, exploit development, defense evasion, and autonomous operations, with state-sponsored groups showing particular interest in AI-driven vulnerability research and exploit generation.
State-Sponsored Actors Leveraging Vulnerabilities and Identity for Persistent Access (2025)
2 rules 6 TTPsIn 2025, state-sponsored actors from China, Russia, North Korea, and Iran leveraged vulnerabilities and identity compromise for initial access, focusing on persistence for long-term espionage or disruption.
Multiple Network Intrusion Attempts Detected
3 rules 2 TTPs 8 IOCsMultiple network-based intrusion attempts were detected on 2026-03-14, targeting PHP information exposure, Fortigate VPN exploitation, sensitive file access, and credential exposure.
KRVTZ-NET IDS Alerts Analysis: Network Scanning and Exploitation Attempts
3 rules 4 TTPsMultiple IDS alerts indicate potential network reconnaissance, vulnerability exploitation attempts targeting Fortigate VPN (CVE-2023-27997), and ColdFusion servers originating from various IP addresses on March 13, 2026.