From greynoise.io
Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats
2 4
Over the last 30 days, nearly 24,000 unique IP addresses have attempted to access these portals. The pattern suggests a coordinated effort to probe network defenses and identify exposed or vulnerable systems, potentially as a precursor to targeted exploitation.
#threatintel #infosec #cybersecurity
on Mon, 9PM
From greynoise.io
Heightened In-The-Wild Activity On Key Technologies Observed On March 28
1 1
GreyNoise observed a significant spike in activity targeting multiple edge technologies, including SonicWall, Zoho, Zyxel, F5, Linksys, and Ivanti systems.
#f5 #cve #zoho #ivanti #linksys #greynoise #sonicwall #vulnerability
2h ago
From greynoise.io
1 1
Get GreyNoise updates! Read the March 2025 NoiseLetter for product news, key resources, the latest tags and vulnerabilities, and more.
3h ago
From greynoise.io
Amid Reports of Worldwide Reboots, GreyNoise Observes In-the-Wild Activity Against DrayTek Routers
0 1
GreyNoise is bringing awareness to in-the-wild activity against several known vulnerabilities in DrayTek devices CVE-2020-8515, CVE-2021-20123, and CVE-2021-20124.
on Mar 25
From greynoise.io
GreyNoise Webinar - Mass Internet Exploitation in 2025
0 0
Join Bob Rudis, VP of Data Science, and Andrew Morris, Founder and Chief Architect, as they reveal key insights from the GreyNoise 2025 Mass Internet Exploitation Report.
on Mar 20
From greynoise.io
GreyNoise Observes Active Exploitation of Critical Apache Tomcat RCE Vulnerability (CVE-2025-24813)
0 0
Attackers are actively exploiting Apache Tomcat servers by leveraging CVE-2025-24813. If successfully exploited it could enable remote code execution. GreyNoise has identified multiple IPs engaging in this activity across multiple regions.
on Mar 20
From greynoise.io
GreyNoise - NoiseFest at RSAC 2025
0 1
Join us for NoiseFest at RSAC 2025 on April 30th, At the House of Shields. Enjoy drinks, snacks, and engaging conversations with your peers. RSVP now!
on Mar 19
From greynoise.io
Resurgence of In-The-Wild Activity Targeting Critical ServiceNow Vulnerabilities
0 0
GreyNoise has identified a notable resurgence of in-the-wild activity targeting three ServiceNow vulnerabilities CVE-2024-4879 (Critical), CVE-2024-5217 (Critical), and CVE-2024-5178 (Medium). These vulnerabilities reportedly may be chained together for full database access.
on Mar 18
From greynoise.io
New SSRF Exploitation Surge Serves as a Reminder of 2019 Capital One Breach
0 0
GreyNoise observed 400+ IPs exploiting multiple SSRF vulnerabilities across various platforms, with recent activity concentrated in Israel and the Netherlands.
on Mar 11
From greynoise.io
GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577)
0 0
GreyNoise data confirms that exploitation of CVE-2024-4577 extends far beyond initial reports. Attack attempts have been observed across multiple regions, with notable spikes in the United States, Singapore, Japan, and other countries throughout January 2025.
on Mar 7
From greynoise.io
GreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEs
0 0
Silk Typhoon-linked CVEs are under active exploitation. GreyNoise observed 90+ threat IPs exploiting them in the past 24 hours, following Microsoft’s report on the group's evolving tactics.
on Mar 6
From greynoise.io
GreyNoise Observes Exploitation of Three Newly Added KEV Vulnerabilities
0 0
On March 3, 2025, the Cybersecurity and Infrastructure Security Agency added five vulnerabilities to its Known Exploited Vulnerabilities catalog, confirming their exploitation in the wild.
on Mar 4
From greynoise.io
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
0 0
A newly discovered global cyber threat is rapidly expanding, infecting tens of thousands of internet-connected devices to launch powerful cyberattacks.
on Feb 28
From greynoise.io
0 0
Our latest report breaks down which CVEs were exploited most in 2024, how ransomware groups are leveraging mass exploitation, and why real-time intelligence is critical.
on Feb 27
From greynoise.io
GreyNoise 2025 Mass Internet Exploitation Report
0 0
The GreyNoise 2025 Mass Internet Exploitation Report breaks down real-world exploitation trends so security professionals can assess strategic changes to their cybersecurity program and prioritize what matters.
on Feb 27
From greynoise.io
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs
0 0
Ransomware group Black Basta’s chat logs were leaked, revealing 62 mentioned CVEs. GreyNoise identified 23 of these CVEs as actively exploited, with some targeted in the last 24 hours.
on Feb 26
From greynoise.io
GreyNoise Observes Active Exploitation of Cisco Vulnerabilities Tied to Salt Typhoon Attacks
0 0
GreyNoise has observed exploitation attempts targeting two Cisco vulnerabilities, CVE-2023-20198 and CVE-2018-0171.
on Feb 24
From greynoise.io
GreyNoise Observes Active Exploitation of PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
0 0
GreyNoise has observed active exploitation attempts targeting a newly disclosed authentication bypass vulnerability, CVE-2025-0108, affecting Palo Alto Networks PAN-OS
on Feb 19
From greynoise.io
GreyNoise Observes Active Exploitation of PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
0 0
GreyNoise has observed active exploitation attempts targeting a newly disclosed authentication bypass vulnerability, CVE-2025-0108, affecting Palo Alto Networks PAN-OS
on Feb 13
From greynoise.io
New Exploitation Surge: Attackers Target ThinkPHP and ownCloud Flaws at Scale | GreyNoise Blog
0 2
GreyNoise has detected a surge in exploitation attempts for two vulnerabilities—one flagged as a top target by government agencies and another flying under the radar despite real-world attacks. See the latest exploitation trends and why real-time intelligence is essential for risk management.
on Feb 12
From greynoise.io
0 0
Check out our monthly newsletter to see what we've been up to over the last 30ish days and what is coming up.
on Feb 3
From greynoise.io
0 0
Subscribe to our monthly NoiseLetter, the monthly GreyNoise newsletter where you will find product announcements, key resources, ways to get involved in our community, and most importantly a monthly video message from our CEO, Andrew Morris.
on Feb 1
From greynoise.io
Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891) | GreyNoise Blog
0 0
CVE-2024-40891: Zyxel CPE Zero-day Exploitation. Hackers are actively exploiting a telnet-based command injection vulnerability in Zyxel CPE devices, impacting 1,500+ exposed systems. No patch is available yet.
on Jan 28
From greynoise.io
Hackers Actively Exploiting Fortinet Firewalls: Real-Time Insights from GreyNoise | GreyNoise Blog
0 0
Discover how attackers are exploiting Fortinet FortiGate firewalls in real time. Get critical insights into malicious activities tied to CVE-2022-40684, helping defenders identify, track, and respond to threats effectively.
on Jan 28
From greynoise.io
Evaluating Threat Intelligence Providers: What Security Teams Need to Know | GreyNoise Blog
0 0
Discover whether your team truly needs a threat intelligence feed with our unbiased white paper. This practical guide helps cybersecurity professionals assess their needs, identify gaps, and confidently evaluate options for a tailored, effective cyber defense strategy.
on Jan 22
From greynoise.io
0 0
Check out our monthly newsletter to see what we've been up to over the last 30ish days and what is coming up.
on Jan 8
From greynoise.io
How to Choose the Right Threat Intelligence Provider
0 0
Learn how to choose the right threat intelligence provider with this practical guide to assessing gaps, enhancing capabilities, and building a proactive cyber defense strategy.
on Jan 8
From greynoise.io
GreyNoise | Sensors and benign scanner activity
0 0
See what kinds of opportunistic and random activity hit a newly-deployed GreyNoise sensor.
on Dec 23
From greynoise.io
Checking It Twice: Profiling Benign Internet Scanners — 2024 Edition | GreyNoise Blog
0 0
An analysis of benign internet scanner behavior across 24 new sensors in November 2024, examining discovery speed, port coverage, and vulnerability scanning capabilities of major services like ONYPHE, Censys, and ShadowServer. The study reveals most scanners found new assets within 5 minutes,...
on Dec 23
From greynoise.io
0 1
Check out our monthly newsletter to see what we've been up to over the last 30ish days and what is coming up.
on Dec 4
From greynoise.io
0 1
GreyNoise tells security analysts what not to worry about. Join the GreyNoise team and help develop the next generation of internet intelligence products.
on Dec 3
From greynoise.io
0 1
GreyNoise tells security analysts what not to worry about. Join the GreyNoise team and help develop the next generation of internet intelligence products.
on Dec 3
From greynoise.io
From Help Desk to CISO: How Communication Shapes Security Success | GreyNoise Blog
0 0
Effective communication is the most undervalued skill in cybersecurity, according to a Storm⚡️Watch podcast poll. Experts share insights on bridging technical complexity with business needs, using emotional intelligence, adaptability, and clarity to drive collaboration. Listen for actionable...
on Nov 27
From greynoise.io
0 0
Critical infrastructure faces rising risks from exposed industrial control systems (ICS) and unsecured human-machine interfaces (HMIs). Learn how attackers exploit these vulnerabilities and discover actionable steps to secure critical operations. Read more about key findings from the latest...
on Nov 21
From greynoise.io
CVESky: Bluesky CVE Leaderboard
0 0
Track trending CVE discussions and engagement on Bluesky. Powered by GreyNoise Labs, monitoring real-time CVE mentions across the Bluesky ecosystem.
on Nov 21
From greynoise.io
GreyNoise Webinar - Zero-Day Vulnerabilities Using AI
0 0
In this webinar we reveal how GreyNoise intercepted an attacker deploying a zero-day exploit in IoT-connected cameras, and how AI detected threats that would otherwise go unnoticed.
on Nov 6
From greynoise.io
0 0
Check out our monthly newsletter to see what we've been up to over the last 30ish days and what is coming up.
on Oct 31
From greynoise.io
0 0
Explore key insights from a multi-year APT campaign targeting network perimeter devices, with GreyNoise’s actionable strategies to help security teams defend against sophisticated threats.
on Oct 31
From greynoise.io
0 0
GreyNoise has discovered previously undisclosed zero-day vulnerabilities in IoT-connected live streaming cameras, leveraging AI to catch an attack before it could escalate. This marks one of the first instances where threat detection has been augmented by AI to discover zero-day vulnerabilities.
on Oct 31
From greynoise.io
GreyNoise Presents: Quarterly Roadmap Showcase
0 0
Join GreyNoise CPO, Corey Bodzin, for the GreyNoise Quarterly Roadmap Showcase, where we’ll dive deep into the advancements we've made and what lies ahead for GreyNoise.
on Oct 22
From greynoise.io
0 0
Joint U.S. and UK advisory identifies 24 vulnerabilities exploited by Russian state-sponsored APT 29, with GreyNoise detecting active probing on nine of these critical CVEs. Stay informed with real-time intelligence to prioritize patching and strengthen your organization's defenses against...
on Oct 17
From greynoise.io
Protecting Democracy From The Growing Threat of Deepfakes and Disinformation | GreyNoise Blog
0 0
Deepfakes and disinformation campaigns are reshaping the election cybersecurity landscape, threatening the integrity of democratic processes. This final part of our series explores how AI-driven tools spread false narratives, erode trust, and increase polarization, while outlining the urgent...
on Oct 9
From greynoise.io
0 0
Check out our monthly newsletter to see what we've been up to over the last 30ish days and what is coming up.
on Oct 2
From greynoise.io
What Are Hackers Searching for in SolarWinds Serv-U (CVE-2024-28995)?
0 0
GreyNoise’s honeypots monitor exploit attempts on SolarWinds Serv-U (CVE-2024-28995), revealing attacker targets and real-time threat data. Read our full blog for insights.
on Sep 30
From greynoise.io
Phishing and Social Engineering: The Human Factor in Election Security | GreyNoise Blog
0 0
Discover how phishing and social engineering threaten the 2024 U.S. elections in part three of our 'Election Cybersecurity' series. Learn how attackers exploit human vulnerabilities to compromise systems and how to defend against these evolving threats.
on Sep 25
From greynoise.io
Tag Details | GreyNoise Visualizer
0 1
At GreyNoise, we collect and analyze untargeted, widespread, and opportunistic scan and attack activity that reaches every server directly connected to the Internet.
on Sep 21
From greynoise.io
0 0
Discover the latest findings from Censys and GreyNoise on the real-world threats facing internet-exposed Industrial Control Systems (ICS). At LABSCon 2024, they revealed surprising research on how attackers prioritize common Remote Access Service (RAS) protocols over ICS-specific communication,...
on Sep 21
From greynoise.io
GreyNoise | Meet with us at mWISE
0 0
GreyNoise is excited to sponsor Mandiant's mWISE conference this year. If you will be there we would love to meet up or come by our booth for some awesome swag.
on Sep 16