Threat Actor Targets Several Industries in Pakistan and Hong Kong – Active IOCs

October 25, 2024

APT29 aka Nobelium – Active IOCs

October 25, 2024

CVE-2024-20481 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerability Exploit in the Wild

October 25, 2024

Severity

Medium

Analysis Summary

CVE-2024-20481

Cisco Adaptive Security Appliance and Firepower Threat Defense Software is vulnerable to a denial of service, caused by a resource exhaustion flaw. By sending specially crafted VPN authentication requests, a remote attacker could exploit this vulnerability to cause a denial of service condition on the RAVPN service.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2024-20481

Affected Vendors

Cisco

Affected Products

Cisco Adaptive Security Appliance (ASA) Software
Cisco Firepower Threat Defense (FTD) Software

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Threat Actor Targets Several Industries in Pakistan and Hong Kong – Active IOCs

APT29 aka Nobelium – Active IOCs

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation