Microsoft Defender for Cloud has detected suspicious activity in your environment


Archana Kumari

Jun 7, 2024, 4:02:05 AM
to ZAP User Group
Hi team,

We have received the below mail from Microsoft Defender. We have integrated the ZAP tool into our CI/CD pipeline for DAST and pen scanning. The below-mentioned bug has been reported as a critical bug. Please suggest.

Microsoft Defender for Cloud has detected suspicious activity in your resource

'TurtlePerlsh' high-severity malware was detected during a scheduled scan

High-severity malware refers to tools used by advanced Threat Activity Groups to target victims. Such Activity Groups may target individuals or institutions. They typically engage in industrial, military, diplomatic, and political espionage rather than more mundane activities such as identity theft or denial of service attacks. Some groups engage in acts of deliberate sabotage and destruction in order to cause real-world effects, such as disruptions to the victim's operations. This category of malware includes tools such as:
- Exploits used to gain access to targeted computers or escalate privileges on infected computers;
- Backdoors used to maintain persistent command and control over infected computers in a stealthy manner;
- Lateral movement tools that permit attackers to scan the local network, locate targets of interest, and access additional computers;
- Counter-forensics tools used to delay and disrupt incident response activities, including destructive malware that can render computers inoperable;
- Weaponized tools that enable acts of deliberate sabotage or destruction or denial of service.

June 3, 2024 6:19 UTC

Archana Kumari

Jun 10, 2024, 6:35:28 AM
to ZAP User Group
Hello team,

We have received the below files in one of the scans. These files are marked as malicious and 'TurtlePerlsh' high-severity malware was detected during a scheduled scan. Please give insights on the same.

Malicious files:

fuzzdboffensive-release-4.zap
cmdjsp.jsp
ntdaddy.asp
cmd.aspx
browser.jsp
jsp-reverse.jsp
cmd.asp
cmdasp.aspx
shell.asp
cmdasp.asp
cmd_win32.jsp
cmd.jsp


Thanks!

thc...@gmail.com

Jun 10, 2024, 6:37:56 AM
to zaprox...@googlegroups.com
Hi,

See:
https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/

*This add-on contains files that may be flagged by anti-virus tools.*

Best regards.

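The file names in the alert (cmd.jsp, shell.asp, ntdaddy.asp and so on) are the web-shell payloads that the fuzzdb-offensive add-on ships as fuzzing input, which is exactly the kind of content a malware scanner matches on. What a responder needs to confirm is that every flagged path is accounted for by the add-on and sits inside ZAP's own directories, because the same file name under a deployed web root would be a genuine web shell. The triage script below is an added example written for this page, not code from the ZAP project or from the thread participants. Only the file names come from the thread; the directory layout inside the archive, the ZAP home locations, and the sample scanner hits are constructed for the example and must be adjusted to the runner's actual paths.

```python
"""Triage anti-virus hits against the contents of a ZAP add-on package.

A ZAP add-on (.zap) is a zip archive. The script builds a constructed stand-in
for fuzzdb-offensive in memory, indexes the file names it contains, and then
sorts scanner hits into "expected" (inside ZAP's directories and accounted for
by the add-on) and "escalate" (everything else, e.g. the same name under a web
root). All paths and the archive layout are constructed for this example.
"""
import io
import posixpath
import zipfile

# File names reported in the thread. The archive paths built from them below
# (fuzzers/fuzzdb-offensive/web-backdoors/<ext>/) are a constructed layout.
FLAGGED_NAMES = [
    "cmdjsp.jsp", "ntdaddy.asp", "cmd.aspx", "browser.jsp", "jsp-reverse.jsp",
    "cmd.asp", "cmdasp.aspx", "shell.asp", "cmdasp.asp", "cmd_win32.jsp", "cmd.jsp",
]
ADDON_FILE = "fuzzdboffensive-release-4.zap"

# Assumed locations of ZAP's add-on and extracted fuzzer directories on the
# CI runner; replace with the real ZAP home of the scanning user.
ZAP_DIRS = ["/home/ci/.ZAP/plugin", "/home/ci/.ZAP/fuzzers"]

# Constructed scanner output: three hits inside ZAP's home, one under a web root.
SAMPLE_HITS = [
    "/home/ci/.ZAP/plugin/fuzzdboffensive-release-4.zap",
    "/home/ci/.ZAP/fuzzers/fuzzdb-offensive/web-backdoors/jsp/cmd.jsp",
    "/home/ci/.ZAP/fuzzers/fuzzdb-offensive/web-backdoors/asp/ntdaddy.asp",
    "/var/www/html/uploads/cmd.jsp",
]


def build_sample_addon() -> bytes:
    """Build a constructed in-memory .zap archive with placeholder payloads."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("ZapAddOn.xml", "<zapaddon><name>FuzzDB Offensive</name></zapaddon>")
        for name in FLAGGED_NAMES:
            ext = name.rsplit(".", 1)[1]
            zf.writestr(f"fuzzers/fuzzdb-offensive/web-backdoors/{ext}/{name}",
                        "placeholder: real payload content intentionally omitted")
    return buf.getvalue()


def verify_addon_package(addon_bytes: bytes) -> bool:
    """Check that the bytes are a readable zip carrying a ZapAddOn.xml manifest."""
    if not zipfile.is_zipfile(io.BytesIO(addon_bytes)):
        return False
    with zipfile.ZipFile(io.BytesIO(addon_bytes)) as zf:
        return "ZapAddOn.xml" in zf.namelist() and zf.testzip() is None


def index_addon(addon_bytes: bytes) -> dict[str, list[str]]:
    """Map each file name inside the add-on archive to its archive path(s)."""
    index: dict[str, list[str]] = {}
    with zipfile.ZipFile(io.BytesIO(addon_bytes)) as zf:
        for info in zf.infolist():
            if not info.is_dir():
                index.setdefault(posixpath.basename(info.filename), []).append(info.filename)
    return index


def triage(flagged_paths, addon_bytes, addon_name, zap_dirs) -> dict[str, list[str]]:
    """Classify scanner hits.

    A hit is 'expected' only if it lies under one of ZAP's directories AND its
    file name is either the add-on package itself or a file the add-on contains.
    Anything else (unknown name, or a known name outside ZAP's home) is escalated.
    """
    index = index_addon(addon_bytes)
    prefixes = [d.replace("\\", "/").rstrip("/") + "/" for d in zap_dirs]
    result: dict[str, list[str]] = {"expected": [], "escalate": []}
    for path in flagged_paths:
        norm = path.replace("\\", "/")
        base = posixpath.basename(norm)
        inside_zap = any(norm.startswith(p) for p in prefixes)
        known = base == addon_name or base in index
        result["expected" if inside_zap and known else "escalate"].append(path)
    return result


if __name__ == "__main__":
    pkg = build_sample_addon()
    print("package ok:", verify_addon_package(pkg))
    for bucket, paths in triage(SAMPLE_HITS, pkg, ADDON_FILE, ZAP_DIRS).items():
        print(bucket)
        for p in paths:
            print("  ", p)
```

Run against the real add-on by reading the `.zap` file from ZAP's plugin directory instead of `build_sample_addon()`, and feed it the paths from the Defender alert. Hits that land in `escalate` are the ones worth an incident ticket; hits in `expected` are the add-on's own fuzzing payloads, which you can either exclude from scanning on the CI runner or avoid entirely by not installing the add-on.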
Archana Kumari

Jun 10, 2024, 7:24:35 AM
to zaprox...@googlegroups.com
Thanks for your response!

Please let me know whether it's okay to proceed with this vulnerability or we should first work on its mitigation.

Thanks!

kingthorin+zap

Jun 10, 2024, 8:03:32 AM
to ZAP User Group
If you don't need the add-on simply don't install it.

Archana Kumari

Jun 10, 2024, 8:12:07 AM
to zaprox...@googlegroups.com
Thank you for your support.
