Weekly Advanced Threat Intelligence Analysis (2025.01.10~01.16)
Common Information
Type Value
UUID 3defdbc2-7f23-4e1c-a370-5bbca28ad82d
Fingerprint c0a1eb175570ae68
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 10, 2025, midnight
Added to db Jan. 17, 2025, 4 p.m.
Last updated Feb. 12, 2025, 9:52 a.m.
Headline Weekly Advanced Threat Intelligence Analysis (2025.01.10~01.16)
Title Weekly Advanced Threat Intelligence Analysis (2025.01.10~01.16)
Detected Hints/Tags/Attributes 46/3/31
RSS Feed
Attributes
Type                        #Events  Value                                                                                                            CTI Value
CVE                         59       cve-2024-49113
CVE                         41       cve-2025-21333
CVE                         41       cve-2025-21334
CVE                         41       cve-2025-21335
Domain                      168      therecord.media
Domain                      316      mp.weixin.qq.com
Domain                      77       blogs.jpcert.or.jp
Domain                      3        groupgreeting.com
Domain                      56       arcticwolf.com
Domain                      11       blog.xlab.qianxin.com
Domain                      170      www.fortinet.com
File                        1        initial_attack_vector.html
File                        1        stealthy-credit-card-skimmer-targets-wordpress-checkout-pages-via-database-injection.html
File                        1        information-stealer-masquerades-as-ldapnightmare-poc-exploit.html
File                        9        poc.exe
File                        11       blog.xla
Threat Actor Identifier - APT  963   APT28
Url                         1        https://therecord.media/suspected-ukraine-hackers-russian-phishing
Url                         1        https://mp.weixin.qq.com/s/uja5uhwn8wnbbqabvlnpbw
Url                         2        https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations
Url                         1        https://blogs.jpcert.or.jp/ja/2025/01/initial_attack_vector.html
Url                         1        https://securityscorecard.com/blog/operation-99-north-koreas-cyber-assault-on-software-developers
Url                         1        https://blog.sucuri.net/2025/01/stealthy-credit-card-skimmer-targets-wordpress-checkout-pages-via-database-injection.html
Url                         2        https://www.malwarebytes.com/blog/news/2025/01/groupgreeting-e-card-site-attacked-inzqxq-campaign
Url                         2        https://arcticwolf.com/resources/blog/console-chaos-targets-fortinet-fortigate-firewalls
Url                         1        https://www.trendmicro.com/en_us/research/25/a/information-stealer-masquerades-as-ldapnightmare-poc-exploit.html
Url                         1        https://mp.weixin.qq.com/s/vyoku0uxttv_6-l4hvm3uq
Url                         2        https://blog.xlab.qianxin.com
Url                         1        https://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malware
Url                         1        https://mp.weixin.qq.com/s/t_m0zafpthtr612z9euxgw
Url                         1        https://mp.weixin.qq.com/s/smyls_a-xi6ljvuoln7tba