Kevin Beaumont on Nostr: CISA advisory says the zero day exploitation of #MobileIron was happening from "at ...
CISA advisory says the zero day exploitation of #MobileIron was happening from "at least" April 2023 (which backs up from I wrote in my blog - i.e. I can see exploitation in logs going back to early this year).
Threat actors were uploading webshells and such. #threatintel #mobileirony
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-213aPublished at
2023-08-03 08:24:26Event JSON
{
"id": "38d0c8d3ed4db3ba784e4986ac8b3586cb4a87060fc8d5f79d123a36f03d4d1f",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1691051066,
"kind": 1,
"tags": [
[
"e",
"70404671675dd956d98a31c994539687edf024b02d43d4481a5b07ec4665d50f",
"wss://relay.mostr.pub",
"reply"
],
[
"t",
"mobileiron"
],
[
"t",
"threatintel"
],
[
"t",
"mobileirony"
],
[
"mostr",
"https://cyberplace.social/users/GossiTheDog/statuses/110824722693751385"
]
],
"content": "CISA advisory says the zero day exploitation of #MobileIron was happening from \"at least\" April 2023 (which backs up from I wrote in my blog - i.e. I can see exploitation in logs going back to early this year). \n\nThreat actors were uploading webshells and such. #threatintel #mobileirony \n\nhttps://www.cisa.gov/news-events/cybersecurity-advisories/aa23-213a",
"sig": "33a5a716d6a1706bb0c726f2b522bb470166dc4ddbef403e0d0235c06778622228ce6f968d29750c5a025c0fafa91aae7026fe601b0c551fc1371dc0d51a096f"
}
