Security Incident Weekly Report 2023-10-30, Week 44
Common Information
Type Value
UUID 38ed28fe-b147-4416-8d09-30c2fbe2c9a4
Fingerprint 9986e0c3dbb565fa
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 30, 2023, midnight
Added to db Nov. 20, 2023, 12:33 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline Security Incident Weekly Report 2023-10-30, Week 44
Title Security Incident Weekly Report 2023-10-30, Week 44
Detected Hints/Tags/Attributes 118/3/108
Attributes
Details Type #Events CTI Value
Details CERT 360 CN 2
CERT-R-2023-506
Details CVE 133
cve-2023-38831
Details CVE 55
cve-2023-46747
Details CVE 9
cve-2023-5472
Details CVE 70
cve-2023-22518
Details CVE 8
cve-2023-28285
Details CVE 15
cve-2023-29344
Details CVE 4
cve-2023-3314
Details CVE 14
cve-2023-33146
Details CVE 20
cve-2023-46748
Details CVE 84
cve-2023-46604
Details Domain 403
securelist.com
Details Domain 137
securityaffairs.com
Details Domain 261
blog.talosintelligence.com
Details Domain 224
unit42.paloaltonetworks.com
Details Domain 133
www.infosecurity-magazine.com
Details Domain 25
cyble.com
Details Domain 101
www.elastic.co
Details Domain 280
thehackernews.com
Details Domain 208
mp.weixin.qq.com
Details Domain 138
www.darkreading.com
Details Domain 91
360.net
Details Domain 100
cert.360.cn
Details File 89
wininit.exe
Details File 2
stripedfly-complex-malware.html
Details File 384
www.inf
Details File 2
mysterious-kill-switch-disrupts-mozi.html
Details File 2
clop-group-us-federal-employees.html
Details File 2
okta-data-breach-third-party-vendor.html
Details File 6
yellow-liderc-ships-its-scripts-delivers-imaploader-malware.html
Details File 2
it-army-of-ukraine-hit-russia-isp.html
Details File 2
researchers-uncover-wiretapping-of-xmpp.html
Details File 2
f5-big-ip-flaws-known-exploited-vulnerabilities-catalog.html
Details File 2
apache-activemq-cve-2023-46604-hellokitty-ransomare.html
Details File 2
wiki-slack-attack.html
Details File 2
HTTP stack driver http.sys
Details File 2
google-expands-its-bug-bounty-program.html
Details File 2
dns-abuse-exposes-prolific-pumas.html
Details File 2
iranian-cyber-espionage-group-targets.html
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 17
Storm-0861
Details Threat Actor Identifier - APT-C 15
APT-C-55
Details Threat Actor Identifier - APT-C 79
APT-C-23
Details Threat Actor Identifier - APT-C 83
APT-C-36
Details Threat Actor Identifier - APT 258
APT34
Details Url 2
https://www.bleepingcomputer.com/news/security/lazarus-hackers-breached-dev-repeatedly-to-deploy-signbt-malware
Details Url 2
https://www.bleepingcomputer.com/news/security/new-hunters-international-ransomware-possible-rebrand-of-hive
Details Url 5
https://securelist.com/unveiling-lazarus-new-campaign/110888
Details Url 2
https://www.bleepingcomputer.com/news/security/new-bibi-linux-wiper-malware-targets-israeli-orgs-in-destructive-attacks
Details Url 2
https://securityaffairs.com/153208/malware/stripedfly-complex-malware.html
Details Url 2
https://www.bleepingcomputer.com/news/security/malicious-nuget-packages-abuse-msbuild-to-install-malware
Details Url 3
https://medium.com/s2wblog/fastviewer-variant-merged-with-fastspy-and-disguised-as-a-legitimate-mobile-application-f3004588f95c
Details Url 5
https://blog.talosintelligence.com/arid-viper-mobile-spyware
Details Url 4
https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor
Details Url 2
https://www.infosecurity-magazine.com/news/palo-alto-features-russian-turla
Details Url 2
https://cyble.com/blog/donot-apt-expands-its-arsenal-to-spy-on-victims-voip-calls
Details Url 5
https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn
Details Url 3
https://www.infosecurity-magazine.com/news/spy-module-whatsapp-mods
Details Url 2
https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html
Details Url 2
https://www.bleepingcomputer.com/news/security/hackers-email-stolen-student-data-to-parents-of-nevada-school-district
Details Url 2
https://securityaffairs.com/153486/data-breach/clop-group-us-federal-employees.html
Details Url 2
https://securityaffairs.com/153478/data-breach/okta-data-breach-third-party-vendor.html
Details Url 2
https://mp.weixin.qq.com/s/vo3csfk--c9z98k2lmtvma
Details Url 3
https://mp.weixin.qq.com/s/fnumsdllv24snyfpvj-hva
Details Url 4
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/yellow-liderc-ships-its-scripts-delivers-imaploader-malware.html
Details Url 4
https://cyble.com/blog/higaisa-apt-resurfaces-via-phishing-website-targeting-chinese-users
Details Url 2
https://securityaffairs.com/153192/hacktivism/it-army-of-ukraine-hit-russia-isp.html
Details Url 2
https://www.bleepingcomputer.com/news/security/toronto-public-library-services-down-following-weekend-cyberattack
Details Url 2
https://www.bleepingcomputer.com/news/security/british-library-knocked-offline-by-weekend-cyberattack
Details Url 2
https://www.darkreading.com/endpoint/boeing-confirms-system-compromise-alerting-customers
Details Url 2
https://www.infosecurity-magazine.com/news/north-korea-crypto-engineers
Details Url 2
https://www.infosecurity-magazine.com/news/muddywater-targets-israeli-entities
Details Url 2
https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html
Details Url 2
https://www.bleepingcomputer.com/news/security/f5-fixes-big-ip-auth-bypass-allowing-remote-code-execution-attacks
Details Url 2
https://www.bleepingcomputer.com/news/security/rce-exploit-for-wyze-cam-v3-publicly-released-patch-now
Details Url 2
https://www.darkreading.com/dr-global/uae-cyber-council-warns-google-chrome-vulnerability
Details Url 2
https://www.bleepingcomputer.com/news/security/atlassian-warns-of-critical-confluence-flaw-leading-to-data-loss
Details Url 2
https://www.darkreading.com/vulnerabilities-threats/more-than-100-vulnerabilities-in-microsoft-office-tied-to-sketchup-3d-library
Details Url 2
https://securityaffairs.com/153374/hacking/f5-big-ip-flaws-known-exploited-vulnerabilities-catalog.html
Details Url 2
https://securityaffairs.com/153454/hacking/apache-activemq-cve-2023-46604-hellokitty-ransomare.html
Details Url 2
https://www.darkreading.com/dr-global/hacktivist-activity-related-to-gaza-conflict-dwindles
Details Url 2
https://securityaffairs.com/153245/hacking/wiki-slack-attack.html
Details Url 2
https://www.infosecurity-magazine.com/news/arid-viper-targets-arabic-speaking
Details Url 2
https://www.bleepingcomputer.com/news/security/massive-cybercrime-url-shortening-service-uncovered-via-dns-data
Details Url 2
https://www.bleepingcomputer.com/news/security/flipper-zero-bluetooth-spam-attacks-ported-to-new-android-app
Details Url 3
https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening
Details Url 4
https://mp.weixin.qq.com/s/-7u1-ntp0edvotptzbhusg
Details Url 2
https://www.infosecurity-magazine.com/news/people-hacker-ai-social
Details Url 2
https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html
Details Url 2
https://www.infosecurity-magazine.com/news/security-agency-rolls-protective
Details Url 2
https://www.darkreading.com/dr-global/uae-cyber-future-us-treasury-partnership-collaborations
Details Url 2
https://www.bleepingcomputer.com/news/security/ftc-orders-non-bank-financial-firms-to-report-breaches-in-30-days
Details Url 2
https://www.bleepingcomputer.com/news/security/dozens-of-countries-will-pledge-to-stop-paying-ransomware-gangs
Details Url 2
https://www.bleepingcomputer.com/news/security/samsung-galaxy-gets-new-auto-blocker-anti-malware-feature
Details Url 2
https://www.bleepingcomputer.com/news/security/canada-bans-wechat-and-kaspersky-products-on-govt-devices
Details Url 2
https://www.infosecurity-magazine.com/news/28-countries-bletchley-declaration
Details Url 2
https://www.infosecurity-magazine.com/news/ai-safety-summit-biden-launch
Details Url 2
https://www.bleepingcomputer.com/news/security/pirate-iptv-network-in-austria-dismantled-and-174-million-seized
Details Url 2
https://www.bleepingcomputer.com/news/security/sec-sues-solarwinds-for-misleading-investors-before-2020-hack
Details Url 3
https://www.bleepingcomputer.com/news/security/lastpass-breach-linked-to-theft-of-44-million-in-crypto
Details Url 2
https://www.bleepingcomputer.com/news/security/avast-confirms-it-tagged-google-app-as-malware-on-android-phones
Details Url 2
https://www.infosecurity-magazine.com/news/nhs-trust-slammed-delays-thousands
Details Url 2
https://www.infosecurity-magazine.com/news/kill-switch-shuts-down-mozi-iot
Details Url 2
https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html
Details Url 2
https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html
Details Url 2
https://www.infosecurity-magazine.com/news/uk-banks-quantum-imperil-entire
Details Url 2
https://www.infosecurity-magazine.com/news/russian-security-services-arrest
Details Url 87
http://360.net
Details Url 93
https://cert.360.cn