Out of band notification, UPDATE – PHP ACE VULNERABILITY
Nov 12, 2019
As on November 3, CYFIRMA Threat Intelligence had observed heightened interest in Korean and Russian speaking hacker groups about the PHP-FPM Vulnerability with NGINX tracked as CVE-201911043, an Arbitrary Code Execution Vulnerability.
This instance pointed to hackers seemingly working on reconnaissance tools to identify systems at a global scale which are using vulnerable PHP and NGINX combination.
The following details were associated with this campaign:
Target Nations: USA, UK, Australia, Japan, and India
Industry sector: Financial, Insurance, Manufacturing, Online platforms, payment systems, B2C retails platforms, etc.
Motivation: Data exfiltration, reputational damage
CYFIRMA Risk Rating for this Out of Band Notification was: CRITICAL
Analysis of captured hackers’ footprints and correlation with external threat vectors, indicate that this is a potential threat, and organizations were advised to take precautionary measures as discussed in the following report.
Please complete the form to download this Out of Band Notification report.