每周蓝军技术推送(2024.11.30-12.6) | CTF导航
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Exploits - T1587.004 Exploits - T1588.005 Impersonation - T1656 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | 0831090e-044e-4c9c-8e8d-5035741dd83b |
| Fingerprint | cffb3a1e97aecf6f |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Nov. 30, 2024, midnight |
| Added to db | Dec. 9, 2024, 2:04 a.m. |
| Last updated | Dec. 18, 2024, 3:09 p.m. |
| Headline | 每周蓝军技术推送(2024.11.30-12.6) |
| Title | 每周蓝军技术推送(2024.11.30-12.6) | CTF导航 |
| Detected Hints/Tags/Attributes | 20/2/65 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ctfiot.com/218922.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 426 | ✔ | CTF导航 | https://www.ctfiot.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 46 | cve-2024-38193 |
|
| Details | CVE | 13 | cve-2024-38144 |
|
| Details | Domain | 4335 | github.com |
|
| Details | Domain | 4 | decoder.cloud |
|
| Details | Domain | 24 | infosecwriteups.com |
|
| Details | Domain | 147 | research.checkpoint.com |
|
| Details | Domain | 1 | blog.slowerzs.net |
|
| Details | Domain | 14 | www.mdsec.co.uk |
|
| Details | Domain | 4 | rastamouse.me |
|
| Details | Domain | 5 | jsecurity101.medium.com |
|
| Details | Domain | 2 | blog.exodusintel.com |
|
| Details | Domain | 8 | ssd-disclosure.com |
|
| Details | Domain | 3 | blog.christophetd.fr |
|
| Details | Domain | 3 | securiti.ai |
|
| Details | Domain | 1 | community.datascience.hp.com |
|
| Details | Domain | 2 | boschko.ca |
|
| Details | Domain | 2 | embracethered.com |
|
| Details | Domain | 164 | arxiv.org |
|
| Details | Domain | 2 | certitude.consulting |
|
| Details | Domain | 303 | thehackernews.com |
|
| Details | Domain | 10 | blog.nviso.eu |
|
| Details | File | 24 | afd.sys |
|
| Details | File | 8 | ksthunk.sys |
|
| Details | File | 3 | securiti.ai |
|
| Details | File | 1 | community.dat |
|
| Details | File | 1 | hackers-use-corrupted-zips-and-office.html |
|
| Details | Github username | 4 | decoder-it |
|
| Details | Github username | 2 | friends-security |
|
| Details | Github username | 1 | pshlyundin |
|
| Details | Github username | 2 | 0xthirteen |
|
| Details | Github username | 1 | d3ext |
|
| Details | Github username | 2 | kudaes |
|
| Details | Github username | 2 | octoberfest7 |
|
| Details | Github username | 3 | rad9800 |
|
| Details | Github username | 1 | censys-research |
|
| Details | Url | 1 | https://decoder.cloud/2024/11/26/group-policy-nightmares-pt2/krbrelayex |
|
| Details | Url | 1 | https://github.com/decoder-it/krbrelayexsha... |
|
| Details | Url | 1 | https://decoder.cloud/2024/11/26/group-policy-nightmares-pt2 |
|
| Details | Url | 1 | https://github.com/decoder-it/krbrelayex |
|
| Details | Url | 1 | https://github.com/friends-security/shadowhound |
|
| Details | Url | 1 | https://github.com/pshlyundin/gpohunter |
|
| Details | Url | 1 | https://github.com/0xthirteen/reg_snake |
|
| Details | Url | 1 | https://infosecwriteups.com/idrac-to-domain-admin-4acb89391070 |
|
| Details | Url | 1 | https://github.com/d3ext/hooka |
|
| Details | Url | 2 | https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders |
|
| Details | Url | 1 | https://github.com/kudaes/eclipse |
|
| Details | Url | 1 | https://github.com/octoberfest7/enumprotections_bof |
|
| Details | Url | 1 | https://github.com/rad9800/bootexecuteedr |
|
| Details | Url | 1 | https://blog.slowerzs.net/posts/cryptdecryptmemory |
|
| Details | Url | 1 | https://www.mdsec.co.uk/2024/11/nighthawk-0-3-3-evanesco |
|
| Details | Url | 1 | https://rastamouse.me/udrl-sleepmask-and-beacongate |
|
| Details | Url | 1 | https://jsecurity101.medium.com/behind-the-mask-unpacking-impersonation-events-fca909e08d00 |
|
| Details | Url | 1 | https://blog.exodusintel.com/2024/12/02/windows-sockets-from-registered-i-o-to-system-privileges |
|
| Details | Url | 1 | https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe |
|
| Details | Url | 3 | https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild |
|
| Details | Url | 1 | https://blog.christophetd.fr/pkce-aws-sso |
|
| Details | Url | 1 | https://securiti.ai/blog/llm-firewalls-are-not-enough-for-ai-security |
|
| Details | Url | 1 | https://community.datascience.hp.com/artificial-intelligence-62/a-deep-dive-into-llm-guardrails-250 |
|
| Details | Url | 1 | https://boschko.ca/adversarial-ml |
|
| Details | Url | 1 | https://embracethered.com/blog/posts/2024/deepseek-ai-prompt-injection-to-xss-and-account-takeover |
|
| Details | Url | 1 | https://arxiv.org/abs/2412.01778 |
|
| Details | Url | 1 | https://certitude.consulting/blog/en/exploring-anti-phishing-measures-inmicrosoft-365-pt-2 |
|
| Details | Url | 1 | https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html |
|
| Details | Url | 1 | https://github.com/censys-research/censeye |
|
| Details | Url | 1 | https://blog.nviso.eu/2024/11/26/wake-up-and-smell-the-bitlocker-keys |