安全事件周报 2023-07-17 第29周
Tags
| country: | Norway Poland Russia Ukraine |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Impersonation - T1656 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Sharepoint - T1213.002 Web Services - T1583.006 Web Services - T1584.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 2d396853-21b1-43a3-b431-c51cab2e2f0b |
| Fingerprint | b94f2cc81fb635c2 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 17, 2023, midnight |
| Added to db | Aug. 12, 2023, 9:54 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | 安全事件周报 2023-07-17 第29周 |
| Title | 安全事件周报 2023-07-17 第29周 |
| Detected Hints/Tags/Attributes | 99/3/92 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 263 | ✔ | 三六零CERT | https://wechat2rss.xlab.app/feed/2dbce2e5f7b49dc8415db7a0ab325929e0f5d8c3.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT 360 CN | 1 | CERT-R-2023-298 |
|
| Details | CERT Ukraine | 40 | UAC-0010 |
|
| Details | CERT Ukraine | 10 | UAC-0003 |
|
| Details | CVE | 25 | cve-2022-0543 |
|
| Details | CVE | 18 | cve-2023-3595 |
|
| Details | CVE | 36 | cve-2023-3596 |
|
| Details | CVE | 11 | cve-2023-20214 |
|
| Details | CVE | 25 | cve-2023-29300 |
|
| Details | CVE | 119 | cve-2023-36884 |
|
| Details | CVE | 152 | cve-2023-3519 |
|
| Details | CVE | 64 | cve-2023-28771 |
|
| Details | CVE | 12 | cve-2023-34329 |
|
| Details | CVE | 12 | cve-2023-34330 |
|
| Details | Domain | 133 | www.infosecurity-magazine.com |
|
| Details | Domain | 138 | www.darkreading.com |
|
| Details | Domain | 137 | securityaffairs.com |
|
| Details | Domain | 10 | bad.build |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | Domain | 208 | mp.weixin.qq.com |
|
| Details | Domain | 13 | threatmon.io |
|
| Details | Domain | 83 | cert.gov.ua |
|
| Details | Domain | 138 | www.securityweek.com |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 91 | 360.net |
|
| Details | Domain | 100 | cert.360.cn |
|
| Details | File | 384 | www.inf |
|
| Details | File | 1 | rockwell-automation-controllogix-flaws.html |
|
| Details | File | 1 | cisco-sd-wan-vmanage-critical-bug.html |
|
| Details | File | 2 | coldfusion-rce-attacks.html |
|
| Details | File | 1 | 会利用inisafecrosswebexsvc.exe |
|
| Details | File | 1 | genesis-market-infrastructure-sold.html |
|
| Details | Mandiant Uncategorized Groups | 65 | UNC1151 |
|
| Details | Threat Actor Identifier - APT-C | 15 | APT-C-28 |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Threat Actor Identifier - FIN | 68 | FIN8 |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/lokibot-malware-targets-windows |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/sorillus-rat-phishing-google |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/new-p2pinfect-worm-malware-targets-linux-and-windows-redis-servers |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/virustotal-data-leak-affects-5k-users |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/old-roblox-data-leak-resurfaces |
|
| Details | Url | 2 | https://www.infosecurity-magazine.com/news/cyber-attacks-ukraine-poland |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/gamaredon-hackers-start-stealing-data-30-minutes-after-a-breach |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/norwegian-giant-tomra-suffers |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/apt41-hackers-target-android-users-with-wyrmspy-dragonegg-spyware |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/jumpcloud-breach-traced-back-to-north-korean-state-hackers |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/github-warns-of-lazarus-hackers-targeting-devs-with-malicious-projects |
|
| Details | Url | 1 | https://www.darkreading.com/endpoint/zimbra-zero-day-demands-urgent-manual-update |
|
| Details | Url | 1 | https://securityaffairs.com/148472/ics-scada/rockwell-automation-controllogix-flaws.html |
|
| Details | Url | 1 | https://www.darkreading.com/remote-workforce/5-major-takeaways-july-patch-tuesday |
|
| Details | Url | 1 | https://securityaffairs.com/148524/security/cisco-sd-wan-vmanage-critical-bug.html |
|
| Details | Url | 2 | https://securityaffairs.com/148542/hacking/coldfusion-rce-attacks.html |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/cisa-orders-govt-agencies-to-mitigate-windows-and-office-zero-days |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/google-cloud-build-bug-lets-hackers-launch-supply-chain-attacks |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/new-critical-citrix-adc-and-gateway-flaw-exploited-as-zero-day |
|
| Details | Url | 1 | https://www.securityweek.com/new-ami-bmc-flaws-allowing-takeover-and-physical-damage-could-impact-millions-of-devices |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/zyxel-flaw-exploited-ddos-botnets |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/critical-ami-megarac-bugs-can-let-hackers-brick-vulnerable-servers |
|
| Details | Url | 1 | https://asec.ahnlab.com/ko/55252 |
|
| Details | Url | 4 | https://mp.weixin.qq.com/s/13bqdjcfntbfvmubhkgllw |
|
| Details | Url | 1 | https://www.darkreading.com/dr-global/brand-impersonation-middle-east-africa-growth |
|
| Details | Url | 1 | https://www.darkreading.com/cloud/aws-cloud-credential-stealing-campaign-spreads-azure-google |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/ukraine-exposes-gamaredons-data |
|
| Details | Url | 1 | https://threatmon.io/unraveling-the-complex-infection-chain-analysis-of-the-sidecopy-apts-attack |
|
| Details | Url | 2 | https://mp.weixin.qq.com/s/gmgk6lg6pysebf4y7f7g7w |
|
| Details | Url | 4 | https://cert.gov.ua/article/5213167 |
|
| Details | Url | 1 | https://www.securityweek.com/industry-reactions-to-eu-us-data-privacy-framework-feedback-friday |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/eu-prepare-quantum-cyber-attacks |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/cisa-aid-firms-transition-cloud |
|
| Details | Url | 1 | https://www.darkreading.com/dr-tech/microsoft-security-copilot-ai-assistant-next-level |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices |
|
| Details | Url | 1 | https://www.darkreading.com/operations/seed-group-resecurity-options-uae |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/experts-cisa-update-secure-design |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/google-red-team-provides-insight-on-real-world-ai-attacks |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/est-e-lauder-beauty-giant-breached-by-two-ransomware-gangs |
|
| Details | Url | 1 | https://www.darkreading.com/black-hat/azure-ad-guests-steal-data-microsoft-power-apps |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/wormgpt-fake-emails-bec-attacks |
|
| Details | Url | 1 | https://securityaffairs.com/148531/cyber-crime/genesis-market-infrastructure-sold.html |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/russian-charged-smuggling-money |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/breachforums-admin-guilty-hacking |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/driban-target-corporate-banking |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/fin8-deploys-alphv-ransomware-using-sardonic-malware-variant |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/cybersecurity-firm-sophos-impersonated-by-new-sophosencrypt-ransomware |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/us-govt-bans-european-spyware-vendors-intellexa-and-cytrox |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/technology/facebook-behavioral-ads-banned-by-norwegian-privacy-watchdog |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/microsoft-hackers-turn-exchange-servers-into-malware-control-centers |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/technology/meta-confirms-whatsapp-is-down-worldwide |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/fbi-tech-support-scams-now-use-shipping-companies-to-collect-cash |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/mallox-ransomware-group-shifts-into-high-gear |
|
| Details | Url | 87 | http://360.net |
|
| Details | Url | 93 | https://cert.360.cn |