The advanced adversaries were observed exploiting and chaining zero-day vulnerabilities to establish beachhead access in the victim's network, indicating a high level of sophistication in their tactics.
On September 10, 2024, when the advisory for CVE-2024-8190 was published... the threat actor, still active in the customer’s network, 'patched' the command injection vulnerabilities.
In the past, threat actors have been observed to patch vulnerabilities after having exploited them, to stop any other intruder from gaining access to the vulnerable asset(s).
Collection
[
|
...
]