Common Information
Type | Value |
---|---|
Value | mstsc.exe |
Category | |
Type | File |
Misp Type | |
Description | |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-11 | 11 | EDR: Don’t mess with my config | ||
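Details | Website | 2024-11-07 | 3 | Amazon seizes domains used in malicious Remote Desktop operations to steal data - 嘶吼 RoarTalk – Comprehensive service platform for the cybersecurity industry, 4hou.com | ||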
Details | Website | 2024-11-07 | 28 | Helldown Ransomware – A New Emerging Ransomware Threat | ||
Details | Website | 2024-11-04 | 3 | Sophisticated Phishing Attack Targeting Ukraine Military Sectors | ||
Details | Website | 2024-10-31 | 3 | Russian hackers deliver malicious RDP configuration files to thousands \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting | ||
Details | Website | 2024-10-29 | 2 | UAC-0215 Phishing Campaign Targets Ukraine's Critical Sectors | ||
Details | Website | 2024-10-26 | 2 | Amazon seizes domains used in rogue Remote Desktop campaign to steal data - PRSOL:CC | ||
Details | Website | 2024-10-25 | 3 | Amazon seizes domains used in rogue Remote Desktop campaign to steal data | ||
Details | Website | 2024-10-24 | 4 | “Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian Public Sector Computers - SOC Prime | ||
Details | Website | 2024-10-23 | 92 | Rogue RDP Files Used in Latest Campaign Targeting Ukrainian Government, Military | ||
Details | Website | 2024-10-18 | 2 | Iran-linked actors target critical infrastructure organizations | ||
Details | Website | 2024-10-18 | 27 | Iranian Cyber Actors’ Brute Force and Credential Access Attacks: CISA Alert AA24-290A | ||
Details | Website | 2024-10-18 | 3 | AFP & ACSC Joint Cybersecurity Advisory Flags Iranian Bad Actors \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting | ||
Details | Website | 2024-10-17 | 5 | SafeBreach Coverage for US CERT AA24-290A (Iranian Cyber Actors) | ||
Details | Website | 2024-10-16 | 4 | Iran Targets Critical Infrastructure with Brute-Force Attacks: CISA and FBI | ||
Details | Website | 2024-10-16 | 108 | Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations \| CISA | ||
Details | Website | 2024-10-15 | 275 | SideWinder APT’s post-exploitation framework analysis | ||
Details | Website | 2024-09-20 | 143 | Twelve: from initial compromise to ransomware and wipers | ||
Details | Website | 2024-09-19 | 19 | The Windows Security Journey — RestrictedAdminMode for RDP (Remote Desktop Protocol Restricted… | ||
Details | Website | 2024-09-16 | 1 | Crimson Palace Returns With New Hacking Tolls And Tactics | ||
Details | Website | 2024-09-16 | 11 | Crimson Palace Returns With New Hacking Tolls And Tactics | ||
Details | Website | 2024-09-10 | 96 | Crimson Palace returns: New Tools, Tactics, and Targets | ||
Details | Website | 2024-09-08 | 114 | In-depth analysis of an attack campaign targeting Chinese users (judged to be a captured Hvv sample; red teams, come claim it) \| CTF导航 | ||
Details | Website | 2024-08-30 | 97 | From Cobalt Strike to Mimikatz: A Deep Dive into the SLOW#TEMPEST Campaign Targeting Chinese Users | ||
Details | 2024-07-04 | 66 | Defending Against OS Credential Dumping: Threat Landscape, Strategies, and Best Practices |