As of November 3, CYFIRMA Threat Intelligence had observed heightened interest among Korean- and Russian-speaking hacker groups in the PHP-FPM vulnerability with NGINX tracked as CVE-2019-11043, an arbitrary code execution vulnerability.
This instance pointed to hackers seemingly working on reconnaissance tools to identify, at a global scale, systems that use a vulnerable PHP and NGINX combination.
The following details were associated with this campaign:
CYFIRMA Risk Rating for this Out of Band Notification was: CRITICAL
Analysis of the captured hackers' footprints and correlation with external threat vectors indicates that this is a potential threat, and organizations were advised to take precautionary measures as discussed in the following report.
If you would like to read the report, please take a moment to complete the following form.