THREAT
Common Information
| Type | Value |
|---|---|
| UUID | 302b25fe-f7ce-4a44-8e3c-fcfaf67364cf |
| Fingerprint | f7317b09577b951686da85a75dcf14999470124dd0fd94d5347fd224b1f872ca |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 13, 2024, 12:56 p.m. |
| Added to db | June 7, 2024, 2:42 p.m. |
| Last updated | Aug. 31, 2024, 7:50 a.m. |
| Headline | THREAT |
| Title | THREAT |
| Detected Hints/Tags/Attributes | 427/4/283 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 116 | cve-2023-4966 |
|
| Details | CVE | 1 | cve-2023-2026982 |
|
| Details | CVE | 1 | cve-2023-3883185 |
|
| Details | CVE | 1 | cve-2023-4279388 |
|
| Details | CVE | 1 | cve-2023-4674791 |
|
| Details | CVE | 1 | cve-2023-4724693 |
|
| Details | CVE | 1 | cve-2023-496697 |
|
| Details | CVE | 1 | cve-2023-4907099 |
|
| Details | CVE | 4 | cve-2023-49070 |
|
| Details | CVE | 10 | cve-2023-51467 |
|
| Details | CVE | 35 | cve-2023-4911 |
|
| Details | CVE | 23 | cve-2023-20269 |
|
| Details | CVE | 133 | cve-2023-38831 |
|
| Details | CVE | 53 | cve-2023-42793 |
|
| Details | CVE | 55 | cve-2023-46747 |
|
| Details | CVE | 31 | cve-2023-47246 |
|
| Details | Domain | 117 | ld.so |
|
| Details | Domain | 5 | sam.hiv |
|
| Details | Domain | 339 | system.net |
|
| Details | Domain | 372 | wscript.shell |
|
| Details | Domain | 831 | example.com |
|
| Details | Domain | 360 | attack.mitre.org |
|
| Details | Domain | 37 | www.blackberry.com |
|
| Details | Domain | 32 | www.techtarget.com |
|
| Details | Domain | 3 | d3fend.mitre.org |
|
| Details | Domain | 35 | www.cnn.com |
|
| Details | Domain | 10 | www.abc.net.au |
|
| Details | Domain | 14 | www.cyber.gov.au |
|
| Details | Domain | 3 | www.homeaffairs.gov.au |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 8 | www.rnbo.gov.ua |
|
| Details | Domain | 280 | thehackernews.com |
|
| Details | Domain | 25 | www.databreaches.net |
|
| Details | Domain | 1 | morrisonhospital.com |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 1 | www.caribbean-council.org |
|
| Details | Domain | 1 | technewstt.com |
|
| Details | Domain | 1 | cybotsai.com |
|
| Details | Domain | 2 | www.waterisac.org |
|
| Details | Domain | 99 | therecord.media |
|
| Details | Domain | 1 | www.kho.de |
|
| Details | Domain | 641 | nvd.nist.gov |
|
| Details | Domain | 20 | www.nomoreransom.org |
|
| Details | Domain | 132 | www.rsaconference.com |
|
| Details | Domain | 83 | cert.gov.ua |
|
| Details | Domain | 138 | www.darkreading.com |
|
| Details | Domain | 2 | www.securityinfowatch.com |
|
| Details | Domain | 27 | www.weforum.org |
|
| Details | Domain | 23 | www.gov.uk |
|
| Details | Domain | 1 | ised-isde.canada.ca |
|
| Details | Domain | 16 | www.europarl.europa.eu |
|
| Details | Domain | 45 | www.whitehouse.gov |
|
| Details | Domain | 98 | www.ncsc.gov.uk |
|
| Details | Domain | 123 | www.reuters.com |
|
| Details | Domain | 14 | www.cbc.ca |
|
| Details | Domain | 4 | www.cyber.gc.ca |
|
| Details | Domain | 1 | www.european-cyber-resilience-act.com |
|
| Details | Domain | 14 | time.com |
|
| Details | Domain | 8 | www.foreignaffairs.com |
|
| Details | Domain | 177 | www.wired.com |
|
| Details | Domain | 41 | www.hhs.gov |
|
| Details | Domain | 54 | www.csoonline.com |
|
| Details | Domain | 8 | www.aha.org |
|
| Details | Domain | 20 | sec.cloudapps.cisco.com |
|
| Details | Domain | 78 | socradar.io |
|
| Details | Domain | 6 | blog.cluster25.duskrise.com |
|
| Details | Domain | 25 | my.f5.com |
|
| Details | Domain | 110 | owasp.org |
|
| Details | Domain | 2 | www.sysaid.com |
|
| Details | Domain | 4 | www.securityjoes.com |
|
| Details | Domain | 675 | www.linkedin.com |
|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | Domain | 14 | gs.statcounter.com |
|
| Details | Domain | 111 | www.justice.gov |
|
| Details | Domain | 79 | blog.checkpoint.com |
|
| Details | Domain | 128 | www.fbi.gov |
|
| Details | Domain | 202 | krebsonsecurity.com |
|
| Details | Domain | 14 | healthitsecurity.com |
|
| Details | Domain | 27 | apnews.com |
|
| Details | Domain | 7 | www.stationx.net |
|
| Details | Domain | 4 | www.euronews.com |
|
| Details | Domain | 22 | www.cbsnews.com |
|
| Details | Domain | 1 | noticias.r7.com |
|
| Details | Domain | 71 | cybernews.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 36 | www.volexity.com |
|
| Details | Domain | 29 | blackberry.com |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 58 | test.exe |
|
| Details | File | 21 | c:\windows\system32\reg.exe |
|
| Details | File | 2 | sc.ps1 |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 6 | c:\windows\system32\davclnt.dll |
|
| Details | File | 4 | sound.wav |
|
| Details | File | 459 | regsvr32.exe |
|
| Details | File | 47 | cmstp.exe |
|
| Details | File | 456 | mshta.exe |
|
| Details | File | 226 | certutil.exe |
|
| Details | File | 1 | c:\a\badfile.txt |
|
| Details | File | 1 | adsdll.dll |
|
| Details | File | 1 | -certutil.exe |
|
| Details | File | 2 | malicious.inf |
|
| Details | File | 62 | scrobj.dll |
|
| Details | File | 816 | index.html |
|
| Details | File | 1 | ber-security-strategy.pdf |
|
| Details | File | 1 | ukrainian%20institutions.pdf |
|
| Details | File | 1 | bos.html |
|
| Details | File | 104 | www.dat |
|
| Details | File | 1 | ant.html |
|
| Details | File | 1204 | index.php |
|
| Details | File | 4 | decryption-tools.html |
|
| Details | File | 2 | ment.pdf |
|
| Details | File | 1 | ncta-2023-24-web.pdf |
|
| Details | File | 1 | ing-the-cyberattack-on-change-healthcare.html |
|
| Details | File | 252 | www.cs |
|
| Details | File | 1 | nates-ransomware-space-after-moveit-exploit-campaign.html |
|
| Details | File | 1 | lyst-note.pdf |
|
| Details | File | 50 | www.sys |
|
| Details | md5 | 1 | ce415e9ea0f11d31e6cf3e401a264d3c |
|
| Details | MITRE ATT&CK Techniques | 191 | T1133 |
|
| Details | MITRE ATT&CK Techniques | 41 | T1078.001 |
|
| Details | MITRE ATT&CK Techniques | 4 | T0812 |
|
| Details | MITRE ATT&CK Techniques | 12 | T1608.006 |
|
| Details | MITRE ATT&CK Techniques | 440 | T1055 |
|
| Details | MITRE ATT&CK Techniques | 152 | T1056 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 227 | T1574.002 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1095 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 695 | T1059 |
|
| Details | MITRE ATT&CK Techniques | 480 | T1053 |
|
| Details | MITRE ATT&CK Techniques | 380 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 348 | T1036 |
|
| Details | MITRE ATT&CK Techniques | 55 | T1091 |
|
| Details | MITRE ATT&CK Techniques | 180 | T1543.003 |
|
| Details | MITRE ATT&CK Techniques | 585 | T1083 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1047 |
|
| Details | MITRE ATT&CK Techniques | 243 | T1018 |
|
| Details | MITRE ATT&CK Techniques | 238 | T1497 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1080 |
|
| Details | MITRE ATT&CK Techniques | 298 | T1562.001 |
|
| Details | MITRE ATT&CK Techniques | 433 | T1057 |
|
| Details | MITRE ATT&CK Techniques | 472 | T1486 |
|
| Details | MITRE ATT&CK Techniques | 164 | T1574 |
|
| Details | MITRE ATT&CK Techniques | 460 | T1059.001 |
|
| Details | MITRE ATT&CK Techniques | 43 | T1003.002 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | MITRE ATT&CK Techniques | 119 | T1218.011 |
|
| Details | MITRE ATT&CK Techniques | 173 | T1003.001 |
|
| Details | MITRE ATT&CK Techniques | 116 | T1560.001 |
|
| Details | MITRE ATT&CK Techniques | 6 | T1553.004 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1218.005 |
|
| Details | MITRE ATT&CK Techniques | 44 | T1218.010 |
|
| Details | MITRE ATT&CK Techniques | 306 | T1078 |
|
| Details | MITRE ATT&CK Techniques | 46 | T1608 |
|
| Details | MITRE ATT&CK Techniques | 289 | T1003 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Url | 1 | http://x.x.x.x/test.exe |
|
| Details | Url | 1 | http://x.x.x.x/sc.ps1 |
|
| Details | Url | 1 | http://x.x.x.x/x/sound.wav |
|
| Details | Url | 1 | http://example.com/malwarepayload |
|
| Details | Url | 2 | https://webserver/payload.sct |
|
| Details | Url | 1 | http://example.com/malicious.sct |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/. |
|
| Details | Url | 1 | https://www.techtarget.com/searchsecurity/news/366570614/opera- |
|
| Details | Url | 57 | https://attack.mitre.org |
|
| Details | Url | 2 | https://d3fend.mitre.org |
|
| Details | Url | 1 | https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong- |
|
| Details | Url | 1 | https://www.abc.net.au/news/2023-11-15/asd-reports-increase-in-cyber- |
|
| Details | Url | 1 | https://www.cyber.gov.au/about-us/reports-and-statistics/asd-cyber- |
|
| Details | Url | 1 | https://www.homeaffairs.gov.au/cyber-security-subsite/files/2023-cy- |
|
| Details | Url | 1 | https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience |
|
| Details | Url | 1 | https://www.cisa.gov/topics/critical-infrastructure-security-and-resil- |
|
| Details | Url | 1 | https://www.rnbo.gov.ua/files/2023_year/cybercenter/octo- |
|
| Details | Url | 1 | https://thehackernews.com/2023/11/8base-group-deploying-new-pho- |
|
| Details | Url | 1 | https://www.databreaches.net/blackcat-threatens-to-leak-da- |
|
| Details | Url | 1 | https://morrisonhospital.com/notice-of-data-security-incident |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/slovenias-larg- |
|
| Details | Url | 1 | https://twitter.com/falconfeedsio/status/1733732023372599437 |
|
| Details | Url | 1 | https://www.caribbean-council.org/trinidads-state-telecoms-compa- |
|
| Details | Url | 1 | https://technewstt.com/tstt-ransomexx-exploit |
|
| Details | Url | 1 | https://cybotsai.com/what-is-ransomexx |
|
| Details | Url | 1 | https://thehackernews.com/2022/11/new-ransomexx-ransomware-vari- |
|
| Details | Url | 1 | https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-uni- |
|
| Details | Url | 1 | https://www.waterisac.org/portal/tlpclear-water-utility-control-sys- |
|
| Details | Url | 1 | https://therecord.media/lockbit-relaunch-attempt-follwing-takedown |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/lockbit-ransom- |
|
| Details | Url | 1 | https://www.kho.de/kho/index.php |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-4966 |
|
| Details | Url | 1 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a |
|
| Details | Url | 3 | https://www.nomoreransom.org/en/decryption-tools.html |
|
| Details | Url | 1 | https://www.rsaconference.com/library/presentation/usa/2023 |
|
| Details | Url | 1 | https://cert.gov.ua/article/6276652 |
|
| Details | Url | 1 | https://therecord.media/cyber-toufan-data-breaches-israel-iran-palestin- |
|
| Details | Url | 1 | https://www.darkreading.com/cyberattacks-data-breaches/-cyber-tou- |
|
| Details | Url | 1 | https://www.securityinfowatch.com/cybersecurity/article/53081265/15- |
|
| Details | Url | 1 | https://www.darkreading.com/cyberattacks-data-breaches/massive-da- |
|
| Details | Url | 1 | https://www.weforum.org/publications/global-risks-report-2024 |
|
| Details | Url | 1 | https://www.cisa.gov/ai/roadmap-faqs |
|
| Details | Url | 1 | https://www.gov.uk/government/topical-events/ai-safety-summit-2023 |
|
| Details | Url | 1 | https://ised-isde.canada.ca/site/ised/en/voluntary-code-conduct-re- |
|
| Details | Url | 1 | https://www.europarl.europa.eu/news/en/headlines/soci- |
|
| Details | Url | 1 | https://www.whitehouse.gov/briefing-room/statements-releas- |
|
| Details | Url | 1 | https://www.ncsc.gov.uk/files/guidelines-for-secure-ai-system-develop- |
|
| Details | Url | 1 | https://www.whitehouse.gov/briefing-room/presidential-ac- |
|
| Details | Url | 1 | https://www.reuters.com/world/us/chinese-hackers-stole-60000-emails- |
|
| Details | Url | 1 | https://www.cbc.ca/news/politics/global-affairs-securi- |
|
| Details | Url | 1 | https://www.cyber.gc.ca/sites/default/files/ncta-2023-24-web.pdf |
|
| Details | Url | 1 | https://www.abc.net.au/news/2022-09-22/optus-hit-with-cyber-at- |
|
| Details | Url | 1 | https://www.abc.net.au/news/2022-10-25/medibank-breach-wid- |
|
| Details | Url | 1 | https://www.european-cyber-resilience-act.com/#: |
|
| Details | Url | 1 | https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security |
|
| Details | Url | 1 | https://time.com/6550920/world-elections-2024 |
|
| Details | Url | 1 | https://www.foreignaffairs.com/united-states/artificial-intelligenc- |
|
| Details | Url | 7 | https://attack.mitre.org/techniques/t1133 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1078/001 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t0812 |
|
| Details | Url | 2 | https://attack.mitre.org/techniques/t1608/006 |
|
| Details | Url | 1 | https://attack.mitre.org/groups/g0127 |
|
| Details | Url | 2 | https://attack.mitre.org/software/s1068 |
|
| Details | Url | 1 | https://attack.mitre.org/software/s0029 |
|
| Details | Url | 7 | https://attack.mitre.org/software/s0154 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/alphv-ransomware- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/blackcat-ransom- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/mgm-casinos-es- |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a |
|
| Details | Url | 1 | https://www.wired.com/story/alphv-change-healthcare-ransom- |
|
| Details | Url | 1 | https://www.hhs.gov/about/news/2024/03/05/hhs-statement-regard- |
|
| Details | Url | 1 | https://www.csoonline.com/article/650272/clop-ransomware-domi- |
|
| Details | Url | 1 | https://www.aha.org/cybersecurity-government-intelligence-re- |
|
| Details | Url | 1 | https://www.hhs.gov/sites/default/files/8base-ransomware-ana- |
|
| Details | Url | 3 | https://attack.mitre.org/techniques/t1003/001 |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-20269 |
|
| Details | Url | 1 | https://sec.cloudapps.cisco.com/security/center/content/ciscosecuri- |
|
| Details | Url | 1 | https://socradar.io/cisco-zero-day-vulnerability-exploited-by-lock- |
|
| Details | Url | 2 | https://nvd.nist.gov/vuln/detail/cve-2023-38831 |
|
| Details | Url | 1 | https://therecord.media/russia-china-hackers-exploit-winrar-bug |
|
| Details | Url | 1 | https://blog.cluster25.duskrise.com/2023/10/12/cve-2023-38831-rus- |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-42793 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/north-korean-hack- |
|
| Details | Url | 4 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-46747# |
|
| Details | Url | 6 | https://my.f5.com/manage/s/article/k000137353 |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-47246 |
|
| Details | Url | 3 | https://owasp.org/www-community/attacks/path_traversal |
|
| Details | Url | 1 | https://www.sysaid.com/blog/service-desk/on-premise-software-securi- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/microsoft-sysaid-ze- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/lockbit-ransomware- |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-49070 |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-51467 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/apache-of- |
|
| Details | Url | 1 | https://nvd.nist.gov/vuln/detail/cve-2023-4911 |
|
| Details | Url | 1 | https://www.securityjoes.com/post/bibi-linux-a-new-wiper-dropped-by- |
|
| Details | Url | 1 | https://www.linkedin.com/pulse/bibi-wiper-gaza-war-now-goes-win- |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/2023_hamas_attack_on_israel |
|
| Details | Url | 1 | https://gs.statcounter.com/os-market-share/desktop/worldwide |
|
| Details | Url | 1 | https://www.justice.gov/usao-cdca/pr/qakbot-malware-disrupted-inter- |
|
| Details | Url | 1 | https://blog.checkpoint.com/security/check-point-shares-analysis-of- |
|
| Details | Url | 1 | https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infra- |
|
| Details | Url | 1 | https://krebsonsecurity.com/2023/08/u-s-hacks-qakbot-quietly-re- |
|
| Details | Url | 1 | https://healthitsecurity.com/news/downloaders-ransom- |
|
| Details | Url | 1 | https://apnews.com/article/cybercrime-malware-fbi-tak- |
|
| Details | Url | 4 | https://attack.mitre.org/tactics/ta0004 |
|
| Details | Url | 3 | https://attack.mitre.org/tactics/ta0007 |
|
| Details | Url | 3 | https://attack.mitre.org/tactics/ta0009 |
|
| Details | Url | 8 | https://attack.mitre.org/techniques/t1055 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1056 |
|
| Details | Url | 12 | https://attack.mitre.org/techniques/t1082 |
|
| Details | Url | 13 | https://attack.mitre.org/techniques/t1574/002 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1095 |
|
| Details | Url | 1 | https://www.stationx.net/how-to-use-powershell-empire |
|
| Details | Url | 7 | https://attack.mitre.org/tactics/ta0006 |
|
| Details | Url | 3 | https://attack.mitre.org/tactics/ta0002 |
|
| Details | Url | 7 | https://attack.mitre.org/techniques/t1059/001 |
|
| Details | Url | 1 | https://www.euronews.com/2022/11/07/us-midterms-five-examples- |
|
| Details | Url | 1 | https://www.cbsnews.com/news/fake-biden-robocall-new-hamp- |
|
| Details | Url | 1 | https://noticias.r7.com/jr-na-tv/videos/golpe-do-ipva-criminosos-cri- |
|
| Details | Url | 1 | https://cybernews.com/security/billions-passwords-credentials-leaked- |
|
| Details | Url | 1 | https://www.mandiant.com/resources/blog/suspected-apt-tar- |
|
| Details | Url | 1 | https://www.volexity.com/blog/2024/01/10/active-exploita- |
|
| Details | Url | 1 | https://www.reuters.com/technology/record-breaking-2022-north-ko- |
|
| Details | Windows Registry Key | 24 | HKLM\SAM |