公開情報により攻撃動向の予測を行う 新たな試みと調査手法の共有
Common Information
| Type | Value |
|---|---|
| UUID | aa92b8fc-5db2-4a12-9b74-3cd66b322a62 |
| Fingerprint | 18ecfcd3aea8e32e3e2734065b16bae8fd38caeb98038a69b89eff60745e7a1c |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 23, 2023, 5:44 p.m. |
| Added to db | March 12, 2024, 8:05 p.m. |
| Last updated | Aug. 31, 2024, 5:39 a.m. |
| Headline | 公開情報により攻撃動向の予測を行う 新たな試みと調査手法の共有 |
| Title | 公開情報により攻撃動向の予測を行う 新たな試みと調査手法の共有 |
| Detected Hints/Tags/Attributes | 188/3/107 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://jsac.jpcert.or.jp/archive/2023/pdf/JSAC2023_1_7_sejiyama_en.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 62 | cve-2022-40684 |
|
| Details | CVE | 128 | cve-2019-11510 |
|
| Details | CVE | 71 | cve-2020-0688 |
|
| Details | CVE | 122 | cve-2022-26134 |
|
| Details | CVE | 105 | cve-2022-41040 |
|
| Details | CVE | 127 | cve-2022-41082 |
|
| Details | CVE | 17 | cve-2022-27510 |
|
| Details | Domain | 4 | darktracer.com |
|
| Details | Domain | 2 | assets.extrahop.com |
|
| Details | Domain | 98 | www.secureworks.com |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 15 | www.npa.go.jp |
|
| Details | Domain | 16 | www.coveware.com |
|
| Details | Domain | 5 | unit42.paloaltonetworks.jp |
|
| Details | Domain | 71 | news.sophos.com |
|
| Details | Domain | 41 | arcticwolf.com |
|
| Details | Domain | 101 | www.group-ib.com |
|
| Details | Domain | 124 | www.ibm.com |
|
| Details | Domain | 11 | media.kaspersky.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 144 | www.fortinet.com |
|
| Details | Domain | 88 | securityintelligence.com |
|
| Details | Domain | 67 | www.tenable.com |
|
| Details | Domain | 65 | www.cert.ssi.gouv.fr |
|
| Details | Domain | 47 | go.recordedfuture.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 7 | www.nisc.go.jp |
|
| Details | Domain | 167 | www.ic3.gov |
|
| Details | Domain | 32 | www.qnap.com |
|
| Details | Domain | 2 | xoxo.darktracer.com |
|
| Details | Domain | 58 | www.shodan.io |
|
| Details | Domain | 3 | macnica.co.jp |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 11 | viewdns.info |
|
| Details | Domain | 24 | blog.fox-it.com |
|
| Details | Domain | 6 | gist.githubusercontent.com |
|
| Details | File | 2 | cyber-confidence-index-apac.pdf |
|
| Details | File | 2 | net.html |
|
| Details | File | 2 | r04_kami_cyber_jousei.pdf |
|
| Details | File | 1 | r03_cyber_jousei.pdf |
|
| Details | File | 1 | nalystreport2020-pr-1056.pdf |
|
| Details | File | 1 | ransomware-2022.html |
|
| Details | File | 141 | www.cer |
|
| Details | File | 1 | menace-anssi.pdf |
|
| Details | File | 2 | cta-2022-0210.pdf |
|
| Details | File | 2 | ransomware20210430.pdf |
|
| Details | File | 2 | log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html |
|
| Details | File | 3 | 220318.pdf |
|
| Details | File | 27 | tls.cer |
|
| Details | File | 10 | viewdns.inf |
|
| Details | File | 1 | vuln_matrix.csv |
|
| Details | File | 25 | http.html |
|
| Details | Github username | 13 | owasp |
|
| Details | Github username | 2 | lz- |
|
| Details | md5 | 2 | 856ab8f2b68c2504d036ce34fdf3965d |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 24 | DEV-0401 |
|
| Details | Threat Actor Identifier - APT | 144 | APT38 |
|
| Details | Url | 3 | https://darktracer.com |
|
| Details | Url | 2 | https://assets.extrahop.com/pdfs/industry-reports/cyber-confidence-index-apac.pdf |
|
| Details | Url | 1 | https://www.secureworks.com/resources/rp-state-of- |
|
| Details | Url | 1 | https://www.trendmicro.com/ja_jp/research/22/j/forti |
|
| Details | Url | 1 | https://www.npa.go.jp/publications/statistics/cybersec |
|
| Details | Url | 1 | https://www.coveware.com/blog/2022/7/27/fewer- |
|
| Details | Url | 1 | https://unit42.paloaltonetworks.jp/incident-response- |
|
| Details | Url | 1 | https://news.sophos.com/en-us/2022/06/07/active- |
|
| Details | Url | 1 | https://arcticwolf.com/resources/blog/q1-2022- |
|
| Details | Url | 1 | https://www.group-ib.com/media-center/press- |
|
| Details | Url | 1 | https://www.ibm.com/reports/threat-intelligence |
|
| Details | Url | 1 | https://media.kaspersky.com/jp/pdf/pr/kaspersky_ira |
|
| Details | Url | 1 | https://www.coveware.com/blog/ransomware-attack- |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts |
|
| Details | Url | 1 | https://www.fortinet.com/blog/threat-research/zerobot-new-go-based-botnet- |
|
| Details | Url | 2 | https://www.cisa.gov/uscert/ncas/alerts/aa22-320a |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa22-321a |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa22-279a |
|
| Details | Url | 1 | https://arcticwolf.com/resources/blog/incident-response-insights-from-arctic-wolf- |
|
| Details | Url | 3 | https://www.cisa.gov/uscert/ncas/alerts/aa22-257a |
|
| Details | Url | 1 | https://unit42.paloaltonetworks.jp/incident-response-report |
|
| Details | Url | 1 | https://www.group-ib.com/resources/threat-research/ransomware-2022.html |
|
| Details | Url | 2 | https://www.cisa.gov/uscert/ncas/alerts/aa22-158a |
|
| Details | Url | 1 | https://securityintelligence.com/posts/x-force-top-10-cybersecurity-vulnerabilities- |
|
| Details | Url | 3 | https://www.cisa.gov/uscert/ncas/alerts/aa22-117a |
|
| Details | Url | 1 | https://www.tenable.com/blog/behind-the-scenes-how-we-picked-2021s-top- |
|
| Details | Url | 1 | https://www.cert.ssi.gouv.fr/uploads/20220309_np_white_anssi_panorama- |
|
| Details | Url | 3 | https://www.cisa.gov/uscert/ncas/alerts/aa22-011a |
|
| Details | Url | 1 | https://go.recordedfuture.com/hubfs/reports/cta-2022-0210.pdf |
|
| Details | Url | 2 | https://www.cisa.gov/uscert/ncas/alerts/aa21-321a |
|
| Details | Url | 1 | https://twitter.com/uuallan/status/1438899102448820224 |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa21-209a |
|
| Details | Url | 1 | https://www.nisc.go.jp/pdf/policy/infra/ransomware20210430.pdf |
|
| Details | Url | 1 | https://www.tenable.com/cyber-exposure/2020-threat-landscape-retrospective |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa20-296a |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa20-283a |
|
| Details | Url | 2 | https://www.cisa.gov/uscert/ncas/alerts/aa20-275a |
|
| Details | Url | 2 | https://www.cisa.gov/uscert/ncas/alerts/aa20-258a |
|
| Details | Url | 2 | https://www.trendmicro.com/en_us/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html |
|
| Details | Url | 3 | https://www.ic3.gov/media/news/2022/220318.pdf |
|
| Details | Url | 2 | https://www.qnap.com/en-me/security-news/2022/take-immediate-actions- |
|
| Details | Url | 2 | https://www.qnap.com/ja-jp/security-advisory/qsa-22-19 |
|
| Details | Url | 2 | https://xoxo.darktracer.com |
|
| Details | Url | 2 | https://www.shodan.io/dashboard |
|
| Details | Url | 2 | https://www.shodan.io/search/facet |
|
| Details | Url | 14 | https://www.shodan.io |
|
| Details | Url | 3 | https://github.com/owasp/amass |
|
| Details | Url | 1 | https://viewdns.info/reversewhois |
|
| Details | Url | 2 | https://blog.fox-it.com/2022/12/28/cve-2022-27510-cve- |
|
| Details | Url | 2 | https://gist.githubusercontent.com/lz- |