Threat Advisory
Show in Graph
Image Description
Common Information
Type Value
UUID db0e5518-a867-4e85-87b2-fff0e34288ba
Fingerprint 94a07cf3166c8ff4124e281c7a3e205097746fce2a4dbb3e0c4b9bde62c46e68
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 29, 2024, 6:17 p.m.
Added to db Feb. 7, 2024, 7:45 p.m.
Last updated Aug. 31, 2024, 7:55 a.m.
Headline Threat Advisory
Title Threat Advisory
Detected Hints/Tags/Attributes 74/3/20
Source URLs
Redirection Url
Details Source https://www.hivepro.com/wp-content/uploads/2024/01/Midnight-Blizzard-Exploiting-Legacy-OAuth-for-Lateral-Movement_TA2024036.pdf
URL Provider
Details Provider Source level domain
Details hivepro.com www.hivepro.com
Attributes
Details Type #Events CTI Value
Details CVE 53 
cve-2023-42793
Details Domain 397 
www.microsoft.com
Details Domain 452 
msrc.microsoft.com
Details Domain 435 
www.hivepro.com
Details IBM X-Force - Threat Group Enumeration 6 
ITG11
Details Mandiant Uncategorized Groups 97 
UNC2452
Details MITRE ATT&CK Techniques 49 
T1110.003
Details MITRE ATT&CK Techniques 125 
T1110
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 36 
T1586
Details MITRE ATT&CK Techniques 542 
T1190
Details MITRE ATT&CK Techniques 66 
T1583
Details MITRE ATT&CK Techniques 21 
T1583.006
Details MITRE ATT&CK Techniques 19 
T1586.002
Details Threat Actor Identifier - APT 665 
APT29
Details Threat Actor Identifier by Thales 5 
ATK 7
Details Url 1 
https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-
Details Url 1 
https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-
Details Url 2 
https://www.hivepro.com/threat-advisory/new-apt-29-campaign-targets-organizations-through-
Details Url 1 
https://www.hivepro.com/threat-advisory/russian-svr-exploits-critical-teamcity-vulnerability-