Massive ORB Proxy Networks Used by State Threat Actors to Evade Detection

May 24, 2024

APT32 SeaLotus aka OceanLotus Group – Active IOCs

May 24, 2024

CVE-2024-31340 – TP-Link Tether and TP-Link Tapo Vulnerability

May 24, 2024

Severity

Medium

Analysis Summary

CVE-2024-31340

TP-Link Tether and TP-Link Tapo is vulnerable to a man-in-the-middle attack, caused by improper server certificate verification. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and eavesdrop on an encrypted communication.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2024-31340

Affected Vendors

TP-Link

Affected Products

TP-Link Tether
TP-Link Tapo

Remediation

Refer to TP-Link Website for patch, upgrade, or suggested workaround information.

TP-Link Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Massive ORB Proxy Networks Used by State Threat Actors to Evade Detection

APT32 SeaLotus aka OceanLotus Group – Active IOCs

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation