Threat Advisory
Common Information
| Type | Value |
|---|---|
| UUID | 3c465d8b-bc75-46a1-b569-280785b8522b |
| Fingerprint | 5830a1c7358562fd2fef05faf384b3550c038ef0cd4c598e5b065ce330e747f7 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 4, 2023, 7:47 p.m. |
| Added to db | Feb. 7, 2024, 7:21 p.m. |
| Last updated | Aug. 31, 2024, 2:20 a.m. |
| Headline | Threat Advisory |
| Title | Threat Advisory |
| Detected Hints/Tags/Attributes | 77/3/66 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 168 | cve-2021-34473 |
|
| Details | CVE | 143 | cve-2021-31207 |
|
| Details | CVE | 150 | cve-2018-13379 |
|
| Details | CVE | 397 | cve-2021-44228 |
|
| Details | CVE | 172 | cve-2022-30190 |
|
| Details | CVE | 142 | cve-2021-34523 |
|
| Details | CVE | 67 | cve-2021-40539 |
|
| Details | CVE | 80 | cve-2021-26084 |
|
| Details | CVE | 42 | cve-2022-22954 |
|
| Details | CVE | 19 | cve-2022-22960 |
|
| Details | CVE | 70 | cve-2022-1388 |
|
| Details | CVE | 122 | cve-2022-26134 |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 435 | www.hivepro.com |
|
| Details | Domain | 23 | fortiguard.com |
|
| Details | Domain | 80 | portal.msrc.microsoft.com |
|
| Details | Domain | 26 | www.manageengine.com |
|
| Details | Domain | 19 | jira.atlassian.com |
|
| Details | Domain | 23 | logging.apache.org |
|
| Details | Domain | 150 | www.vmware.com |
|
| Details | Domain | 33 | support.f5.com |
|
| Details | Domain | 452 | msrc.microsoft.com |
|
| Details | File | 1 | 215a_joint_csa_2022_top_routinely_exploited_vulnerabilities.pdf |
|
| Details | File | 2 | authentication-bypass-vulnerability-in-rest-api.html |
|
| Details | File | 64 | security.html |
|
| Details | File | 6 | vmsa-2022-0011.html |
|
| Details | IPv4 | 5 | 20.10.0.0 |
|
| Details | IPv4 | 3 | 16.1.2.1 |
|
| Details | MITRE ATT&CK Techniques | 245 | T1203 |
|
| Details | MITRE ATT&CK Techniques | 695 | T1059 |
|
| Details | MITRE ATT&CK Techniques | 208 | T1068 |
|
| Details | MITRE ATT&CK Techniques | 145 | T1588 |
|
| Details | MITRE ATT&CK Techniques | 110 | T1588.006 |
|
| Details | MITRE ATT&CK Techniques | 60 | T1588.005 |
|
| Details | MITRE ATT&CK Techniques | 42 | T1040 |
|
| Details | MITRE ATT&CK Techniques | 534 | T1005 |
|
| Details | MITRE ATT&CK Techniques | 348 | T1036 |
|
| Details | MITRE ATT&CK Techniques | 164 | T1574 |
|
| Details | MITRE ATT&CK Techniques | 30 | T1211 |
|
| Details | Url | 1 | https://www.cisa.gov/sites/default/files/2023-08/aa23- |
|
| Details | Url | 1 | https://www.hivepro.com/the-8220-cryptomining-gang-massively-expands-cloud-botnets |
|
| Details | Url | 1 | https://www.hivepro.com/unveiling-the-stealthy-operations-of-goldenjackal-apt-group |
|
| Details | Url | 1 | https://www.hivepro.com/asylum-ambuscade-unmasking-the-hybrid-threat-group-in- |
|
| Details | Url | 1 | https://www.hivepro.com/muddywater-targets-israeli-organizations-by-exploiting-unpatched- |
|
| Details | Url | 1 | https://www.hivepro.com/monti-ransomware-infiltrates-networks-via-the-well-known- |
|
| Details | Url | 2 | https://www.hivepro.com/budworm-attackers-return-with-new-espionage-strikes-against- |
|
| Details | Url | 1 | https://www.hivepro.com/volt-typhoon-chinese-espionage-group-targets-u-s-government |
|
| Details | Url | 2 | https://fortiguard.com/advisory/fg-ir-18-384 |
|
| Details | Url | 1 | https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-34473 |
|
| Details | Url | 1 | https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-31207 |
|
| Details | Url | 1 | https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-34523 |
|
| Details | Url | 2 | https://www.manageengine.com/products/self-service-password/kb/how-to-fix- |
|
| Details | Url | 3 | https://jira.atlassian.com/browse/confserver-67940 |
|
| Details | Url | 15 | https://logging.apache.org/log4j/2.x/security.html |
|
| Details | Url | 6 | https://www.vmware.com/security/advisories/vmsa-2022-0011.html |
|
| Details | Url | 6 | https://support.f5.com/csp/article/k23605346 |
|
| Details | Url | 3 | https://msrc.microsoft.com/update-guide/en-us/vulnerability/cve-2022-30190 |
|
| Details | Url | 3 | https://jira.atlassian.com/browse/confserver-79016 |
|
| Details | Url | 1 | https://www.hivepro.com/unknown-iranian-attackers-leverage-vulnerabilities-to-conduct- |
|
| Details | Url | 1 | https://www.hivepro.com/lockbit-ransomware-evolving-tactics-and-pervasive-impact-in- |
|
| Details | Url | 1 | https://www.hivepro.com/unveiling-cadet-blizzard-apts-wiper-attacks-targeting-ukraine |
|
| Details | Url | 1 | https://www.hivepro.com/chamelgang-strikes-again-with-chameldoh-malware-xdns-over- |
|
| Details | Url | 1 | https://www.hivepro.com/proxyshellminer-exploits-windows-exchange-server-vulnerabilities- |
|
| Details | Url | 1 | https://www.hivepro.com/lv-ransomware-exploited-proxyshell-to-target-jordan |
|
| Details | Url | 1 | https://www.hivepro.com/blackcat-ransomware-group-implements-quadruple-extortion |
|
| Details | Url | 1 | https://www.hivepro.com/worok-cyber-espionage-gang-preys-on-high-profile-asian- |