每周高级威胁情报解读(2023.09.15~09.21)
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 3ba46fef-3604-41e1-ac98-c74517915c53 |
| Fingerprint | 1180641367beec65 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 15, 2023, midnight |
| Added to db | Nov. 20, 2023, 12:37 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | 每周高级威胁情报解读(2023.09.15~09.21) |
| Title | 每周高级威胁情报解读(2023.09.15~09.21) |
| Detected Hints/Tags/Attributes | 73/2/39 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 267 | ✔ | 奇安信威胁情报中心 | https://wechat2rss.xlab.app/feed/b93962f981247c0091dad08df5b7a6864ab888e9.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 133 | cve-2023-38831 |
|
| Details | CVE | 12 | cve-2023-40477 |
|
| Details | CVE | 10 | cve-2023-25157 |
|
| Details | CVE | 4 | cve-2023-29491 |
|
| Details | Domain | 208 | mp.weixin.qq.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 37 | blog.alyac.co.kr |
|
| Details | Domain | 24 | sysdig.com |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 47 | intel471.com |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | File | 7 | photoshop.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | Mandiant Uncategorized Groups | 111 | UNC3944 |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Threat Actor Identifier - APT | 181 | APT33 |
|
| Details | Url | 3 | https://mp.weixin.qq.com/s/-lyxjtjehdwa8km_ri1cxg |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/turla-pensive-ursa-threat-assessment |
|
| Details | Url | 2 | https://blog.alyac.co.kr/5251 |
|
| Details | Url | 2 | https://www.sentinelone.com/labs/capratube-transparent-tribes-caprarat-mimics-youtube-to-hijack-android-phones |
|
| Details | Url | 2 | https://mp.weixin.qq.com/s/g9bhq2of0ixa9lzy-lpfeg |
|
| Details | Url | 2 | https://www.microsoft.com/en-us/security/blog/2023/09/14/peach-sandstorm-password-spray-campaigns-enable-intelligence-collection-at-high-value-targets |
|
| Details | Url | 2 | https://mp.weixin.qq.com/s/1j4jnqlvust6psawwoq1cq |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/l7tfhmnysnx1iq2evqiqhg |
|
| Details | Url | 1 | https://sysdig.com/blog/ambersquid |
|
| Details | Url | 4 | https://blog.talosintelligence.com/introducing-shrouded-snooper |
|
| Details | Url | 4 | https://www.mandiant.com/resources/blog/unc3944-sms-phishing-sim-swapping-ransomware |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/yxv9aimrasgiasj5gi9lsg |
|
| Details | Url | 1 | https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3am-ransomware-lockbit |
|
| Details | Url | 2 | https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat |
|
| Details | Url | 1 | https://research.checkpoint.com/2023/unveiling-the-shadows-the-dark-alliance-between-guloader-and-remcos |
|
| Details | Url | 1 | https://cyble.com/blog/emerging-threat-understanding-the-pysilon-discord-rats-versatile-features |
|
| Details | Url | 2 | https://intel471.com/blog/bumblebee-loader-resurfaces-in-new-campaign |
|
| Details | Url | 1 | https://asec.ahnlab.com/en/57001 |
|
| Details | Url | 2 | https://www.mcafee.com/blogs/other-blogs/mcafee-labs/exploring-winrar-vulnerability-cve-2023-38831 |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library |