安全事件周报 2023-07-24 第30周
Tags
| country: | Norway Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Sharepoint - T1213.002 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 32f6e1db-baf5-4c80-b071-1c7e06547386 |
| Fingerprint | 9bdc2913c52269db |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 24, 2023, midnight |
| Added to db | July 31, 2023, 1:01 p.m. |
| Last updated | Nov. 17, 2024, 5:56 p.m. |
| Headline | 安全事件周报 2023-07-24 第30周 |
| Title | 安全事件周报 2023-07-24 第30周 |
| Detected Hints/Tags/Attributes | 69/3/99 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 263 | ✔ | 三六零CERT | https://wechat2rss.xlab.app/feed/2dbce2e5f7b49dc8415db7a0ab325929e0f5d8c3.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT 360 CN | 1 | CERT-R-2023-311 |
|
| Details | CVE | 152 | cve-2023-3519 |
|
| Details | CVE | 243 | cve-2023-34362 |
|
| Details | CVE | 64 | cve-2023-28771 |
|
| Details | CVE | 50 | cve-2023-37450 |
|
| Details | CVE | 26 | cve-2023-38606 |
|
| Details | CVE | 77 | cve-2023-35078 |
|
| Details | CVE | 36 | cve-2023-20593 |
|
| Details | CVE | 8 | cve-2022-24402 |
|
| Details | CVE | 9 | cve-2022-24401 |
|
| Details | CVE | 14 | cve-2023-20891 |
|
| Details | CVE | 19 | cve-2023-30799 |
|
| Details | CVE | 16 | cve-2023-32629 |
|
| Details | CVE | 18 | cve-2023-2640 |
|
| Details | CVE | 6 | cve-2023-38750 |
|
| Details | CVE | 9 | cve-2023-37979 |
|
| Details | CVE | 6 | cve-2023-38386 |
|
| Details | CVE | 34 | cve-2023-29298 |
|
| Details | CVE | 22 | cve-2023-38205 |
|
| Details | Domain | 133 | www.infosecurity-magazine.com |
|
| Details | Domain | 137 | securityaffairs.com |
|
| Details | Domain | 208 | mp.weixin.qq.com |
|
| Details | Domain | 7 | it.rising.com.cn |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 272 | outlook.com |
|
| Details | Domain | 138 | www.securityweek.com |
|
| Details | Domain | 4 | dnbl.ncia.nato.int |
|
| Details | Domain | 91 | 360.net |
|
| Details | Domain | 100 | cert.360.cn |
|
| Details | File | 384 | www.inf |
|
| Details | File | 2 | ddos-botnets-targets-zyxel-devices.html |
|
| Details | File | 1 | 15k-citrix-servers-vulnerable-cve-2023-3519.html |
|
| Details | File | 5 | mqac.sys |
|
| Details | File | 2 | 20025.html |
|
| Details | IPv4 | 14 | 11.8.1.1 |
|
| Details | IPv4 | 14 | 11.9.1.1 |
|
| Details | IPv4 | 14 | 11.10.0.2 |
|
| Details | IPv4 | 7 | 11.8.1.0 |
|
| Details | IPv4 | 3 | 11.7.0.0 |
|
| Details | IPv4 | 3 | 11.5.0.0 |
|
| Details | Mandiant Uncategorized Groups | 21 | UNC4899 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/lazarus-hackers-hijack-microsoft-iis-servers-to-spread-malware |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/new-realst-macos-malware-steals-your-cryptocurrency-wallets |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/decoy-dog-malware-upgraded |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/new-nitrogen-malware-pushed-via-google-ads-for-ransomware-attacks |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/dark-web-markets-fraudgpt-ai-tool |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/tampa-hospital-data-breach |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/aussie-government-personal-info |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/cyber-attack-strikes-norwegian |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/supply-chain-attack-hits-nhs |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/security-incident-cardiocomm |
|
| Details | Url | 2 | https://securityaffairs.com/148724/malware/ddos-botnets-targets-zyxel-devices.html |
|
| Details | Url | 1 | https://securityaffairs.com/148735/hacking/15k-citrix-servers-vulnerable-cve-2023-3519.html |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-used-in-attacks-against-iphones-macs |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/ivanti-patches-mobileiron-zero-day-bug-exploited-in-attacks |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/zenbleed-attack-leaks-sensitive-data-from-amd-zen2-processors |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-ivanti-bug-exploited-in-attacks |
|
| Details | Url | 1 | https://www.darkreading.com/dr-global/zero-day-vulnerabilities-disclosed-in-global-emergency-services-communications-protocol |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-exposing-cf-api-admin-credentials-in-audit-logs |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/super-admin-elevation-bug-puts-900-000-mikrotik-devices-at-risk |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/ivanti-patches-zeroday-bug-norway |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/flaws-microsoft-message-queuing |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/almost-40-percent-of-ubuntu-users-vulnerable-to-new-privilege-elevation-flaws |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/900000-mikrotik-routers-critical |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/zimbra-patches-zero-day-vulnerability-exploited-in-xss-attacks |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/high-severity-flaws-ninja-forms |
|
| Details | Url | 1 | https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/clop-record-ransomware-activity |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/clop-could-make-100m-moveit |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/jumpcloud-hack-linked-to-north-korea-after-opsec-mistake |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/open-source-supply-chain-attacks-1 |
|
| Details | Url | 2 | http://app.pal4u.net |
|
| Details | Url | 3 | https://mp.weixin.qq.com/s/xvv3boad7cdpaz0na8id1q |
|
| Details | Url | 2 | http://it.rising.com.cn/anquan/20025.html |
|
| Details | Url | 5 | https://www.mandiant.com/resources/blog/north-korea-supply-chain |
|
| Details | Url | 3 | https://mp.weixin.qq.com/s/qkwd_x3afpurthjqu7lbvg |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/education-sector-highest |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/repeatable-vec-attacks-critical |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/apt-mysterious-elephant-q2-2023 |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/doj-shakeup-cybercrime |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/microsoft/microsoft-enhances-windows-11-phishing-protection-with-new-features |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/sec-cyberincident-disclosure-four |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/ncsc-publishes-new-guidance-on |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/russian-prosecutor-18-years-jail |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/github-warns-devs-of-north-korean |
|
| Details | Url | 1 | https://www.securityweek.com/microsoft-cloud-hack-exposed-more-than-exchange-outlook-emails |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-adobe-coldfusion-servers |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/clop-now-leaks-data-stolen-in-moveit-attacks-on-clearweb-sites |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/thousands-citrix-servers-exposed |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/hacker-stolen-medical-records |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/alphv-ransomware-adds-data-leak-api-in-new-extortion-strategy |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/nato-investigates-alleged-data-theft-by-siegedsec-hackers |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/group-ib-sentenced-russia-14-years |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/coinspaid-blames-lazarus-hackers-for-theft-of-37-300-000-in-crypto |
|
| Details | Url | 87 | http://360.net |
|
| Details | Url | 93 | https://cert.360.cn |