ioc[.]one - OSINT Cyber Threat Intelligence Database

Threat Actors Abuse Atlassian to Bypass Security | Cofense

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Confluence - T1213.001 Credentials - T1589.001 Phishing - T1660 Phishing - T1566 Sharepoint - T1213.002

Show in Graph

Common Information

Type	Value
UUID	33e8a6e8-48e7-4a58-8ab6-478e67605e89
Fingerprint	2e1795dca01a48ed
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 24, 2023, 10 a.m.
Added to db	Oct. 24, 2023, 1:27 p.m.
Last updated	Sept. 3, 2024, 8:30 a.m.
Headline	Threat Actors Abuse Atlassian, Bypass Multiple Secure Email Gateways (SEGs)
Title	Threat Actors Abuse Atlassian to Bypass Security \| Cofense
Detected Hints/Tags/Attributes	24/2/8

Source URLs

	Redirection	Url
Details	Source	https://cofense.com/blog/threat-actors-abuse-atlassian-bypass-multiple-secure-email-gateways-segs/

URL Provider

Details	Provider	Source level domain
Details	cofense.com	cofense.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		remittancepaymentnotification.atlassian.net
Details	Domain	1		fear-glitch-me.translate.goog
Details	IPv4	1		104.192.142.18
Details	IPv4	1		142.251.163.132
Details	IPv4	3		172.253.122.132
Details	Url	1		https://remittancepaymentnotification.atlassian.net/l/cp/mteibv2o
Details	Url	1		https://csb–p44y4q-netlify-app.translate.goog/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
Details	Url	1		https://prism–thin–fear-glitch-me.translate.goog/remittanceex.html