ioc[.]one - OSINT Cyber Threat Intelligence Database

安全事件周报 2023-11-13 第46周 - 360CERT

Tags

country:	Australia Azerbaijan Chile Denmark Vietnam Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Vulnerabilities - T1588.006 Connection Proxy - T1090 Hypervisor - T1062

Show in Graph

Common Information

Type	Value
UUID	5cd0735c-8a32-4b1e-9382-b4a2d05b3d96
Fingerprint	cabf2378f5ef441d
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 20, 2023, 3:20 p.m.
Added to db	Nov. 20, 2023, 8:25 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	UNKNOWN
Title	安全事件周报 2023-11-13 第46周 - 360CERT
Detected Hints/Tags/Attributes	113/3/104

Source URLs

	Redirection	Url
Details	Source	https://cert.360.cn/warning/detail?id=655b08baea0822e915605f91

URL Provider

Details	Provider	Source level domain
Details	360.cn	cert.360.cn

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	78	✔	360 CERT	https://cert.360.cn/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CERT 360 CN	2	CERT-R-2023-533
Details	CVE	31	cve-2023-47246
Details	CVE	12	cve-2023-36844
Details	CVE	12	cve-2023-36845
Details	CVE	11	cve-2023-36846
Details	CVE	11	cve-2023-36847
Details	CVE	3	cve-2023-6063
Details	CVE	15	cve-2023-34060
Details	CVE	11	cve-2023-23583
Details	CVE	84	cve-2023-46604
Details	CVE	5	cve-2023-46835
Details	CVE	20	cve-2023-37580
Details	CVE	6	cve-2023-36553
Details	CVE	116	cve-2023-4966
Details	CVE	217	cve-2020-1472
Details	CVE	133	cve-2023-38831
Details	Domain	189	asec.ahnlab.com
Details	Domain	280	thehackernews.com
Details	Domain	133	www.infosecurity-magazine.com
Details	Domain	138	www.darkreading.com
Details	Domain	251	www.bleepingcomputer.com
Details	Domain	137	securityaffairs.com
Details	Domain	182	www.mandiant.com
Details	Domain	208	mp.weixin.qq.com
Details	Domain	139	wordpress.org
Details	Domain	8	www.rnbo.gov.ua
Details	Domain	91	360.net
Details	File	2	new-bibi-windows-wiper-targets-windows.html
Details	File	384	www.inf
Details	File	2	vietnam-post-data-leak.html
Details	File	2	denmark-critical-infrastructure-record-attacks.html
Details	File	2	alert-oracleiv-ddos-botnet-targets.html
Details	File	2	new-poc-exploit-for-apache-activemq.html
Details	File	2	urgent-vmware-warns-of-unpatched.html
Details	File	2	zimbra-zero-day-govt-emails.html
Details	File	2	the-lorenz-ransomware-group-hit-texas-based-cogdell-memorial-hospital.html
Details	File	2	fbi-cisa-rhysida-ransomware-gang.html
Details	File	2	new-ransomware-group-emerges-with-hives.html
Details	File	17	en.pdf
Details	Mandiant Uncategorized Groups	111	UNC3944
Details	Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development)	39	DEV-0950
Details	Threat Actor Identifier - APT-C	7	APT-C-52
Details	Threat Actor Identifier - APT-C	17	APT-C-17
Details	Threat Actor Identifier - APT	665	APT29
Details	Threat Actor Identifier by Tencent	27	T-APT-04
Details	Threat Actor Identifier - FIN	127	FIN11
Details	Url	4	https://asec.ahnlab.com/ko/58215
Details	Url	2	https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html
Details	Url	2	https://www.infosecurity-magazine.com/news/python-malware-ddos-threat-docker
Details	Url	2	https://www.darkreading.com/threat-intelligence/ducktail-malware-targets-fashion-industry
Details	Url	3	https://www.proofpoint.com/us/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government
Details	Url	2	https://www.bleepingcomputer.com/news/security/mysql-servers-targeted-by-ddostf-ddos-as-a-service-botnet
Details	Url	2	https://www.bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data
Details	Url	2	https://www.bleepingcomputer.com/news/security/mortgage-giant-mr-cooper-says-customer-data-exposed-in-breach
Details	Url	2	https://www.darkreading.com/risk/leaky-dicom-medical-protocol-exposes-millions-patient-records
Details	Url	2	https://www.bleepingcomputer.com/news/security/pharmacy-provider-truepill-data-breach-hits-23-million-customers
Details	Url	2	https://www.bleepingcomputer.com/news/security/toronto-public-library-confirms-data-stolen-in-ransomware-attack
Details	Url	2	https://www.bleepingcomputer.com/news/security/samsung-hit-by-new-data-breach-impacting-uk-store-customers
Details	Url	2	https://www.bleepingcomputer.com/news/security/pj-and-a-says-cyberattack-exposed-data-of-nearly-9-million-patients
Details	Url	2	https://www.bleepingcomputer.com/news/security/toyota-confirms-breach-after-medusa-ransomware-threatens-to-leak-data
Details	Url	2	https://securityaffairs.com/154271/data-breach/vietnam-post-data-leak.html
Details	Url	6	https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
Details	Url	2	https://www.darkreading.com/attacks-breaches/state-maine-latest-moveit-victim
Details	Url	2	https://www.bleepingcomputer.com/news/security/iranian-hackers-launch-malware-attacks-on-israels-tech-sector
Details	Url	2	https://www.bleepingcomputer.com/news/security/hackers-breach-healthcare-orgs-via-screenconnect-remote-access
Details	Url	2	https://www.infosecurity-magazine.com/news/moveit-gang-targets-sysaid-zeroday
Details	Url	4	https://mp.weixin.qq.com/s/crx7nlpe4zzgwheowe8_ba
Details	Url	2	https://www.bleepingcomputer.com/news/security/dp-world-cyberattack-blocks-thousands-of-containers-in-ports
Details	Url	2	https://securityaffairs.com/154156/apt/denmark-critical-infrastructure-record-attacks.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/long-beach-california-turns-off-it-systems-after-cyberattack
Details	Url	2	https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-desktop-bug-causing-slow-saving-issues
Details	Url	2	https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-juniper-pre-auth-rce-exploit-chain
Details	Url	2	https://thehackernews.com/2023/11/alert-oracleiv-ddos-botnet-targets.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/new-cachewarp-amd-cpu-attack-lets-hackers-gain-root-in-linux-vms
Details	Url	3	https://www.bleepingcomputer.com/news/security/wp-fastest-cache-plugin-bug-exposes-600k-wordpress-sites-to-attacks
Details	Url	2	https://www.bleepingcomputer.com/news/security/vmware-discloses-critical-vcd-appliance-auth-bypass-with-no-patch
Details	Url	2	https://www.bleepingcomputer.com/news/security/new-reptar-cpu-flaw-impacts-intel-desktop-and-server-systems
Details	Url	2	https://www.darkreading.com/vulnerabilities-threats/21-vulnerabilities-discovered-crucial-it-ot-connective-routers
Details	Url	2	https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/citrix-hypervisor-gets-hotfix-for-new-reptar-intel-cpu-flaw
Details	Url	2	https://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html
Details	Url	2	https://securityaffairs.com/154277/apt/zimbra-zero-day-govt-emails.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-command-injection-bug-in-fortisiem
Details	Url	2	https://www.bleepingcomputer.com/news/security/microsoft-bluenoroff-hackers-plan-new-crypto-theft-attacks
Details	Url	2	https://www.bleepingcomputer.com/news/security/ethereum-feature-abused-to-steal-60-million-from-99k-victims
Details	Url	4	https://mp.weixin.qq.com/s/mhyglpqothzg-h2rveobaw
Details	Url	2	https://www.infosecurity-magazine.com/news/black-friday-malwarebytes-credit
Details	Url	2	https://www.darkreading.com/dr-global/azerbaijan-agencies-cyber-partner-deals
Details	Url	2	https://www.infosecurity-magazine.com/news/eu-formalizes-cybersecurity
Details	Url	2	https://www.infosecurity-magazine.com/news/us-gov-first-ai-roadmap-for
Details	Url	2	https://www.darkreading.com/dr-global/oil-giant-aramco-drills-down-on-saudi-ics-security
Details	Url	2	https://www.infosecurity-magazine.com/news/csa-launches-zero-trust
Details	Url	2	https://securityaffairs.com/154101/data-breach/the-lorenz-ransomware-group-hit-texas-based-cogdell-memorial-hospital.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed
Details	Url	2	https://www.bleepingcomputer.com/news/security/fbi-and-cisa-warn-of-opportunistic-rhysida-ransomware-attacks
Details	Url	2	https://securityaffairs.com/154224/malware/fbi-cisa-rhysida-ransomware-gang.html
Details	Url	4	https://mp.weixin.qq.com/s/f6t_zqhylcdcjzrhihdxfa
Details	Url	2	https://www.bleepingcomputer.com/news/security/police-takes-down-bulletproftlink-large-scale-phishing-provider
Details	Url	2	https://thehackernews.com/2023/11/new-ransomware-group-emerges-with-hives.html
Details	Url	2	https://www.bleepingcomputer.com/news/security/ipstorm-botnet-with-23-000-proxies-for-malicious-traffic-dismantled
Details	Url	3	https://www.rnbo.gov.ua/files/2023_year/cybercenter/november/apt29
Details	Url	2	https://www.infosecurity-magazine.com/news/us-dismantles-ipstorm-botnet-proxy
Details	Url	2	https://www.bleepingcomputer.com/news/security/fbi-shares-tactics-of-notorious-scattered-spider-hacker-collective
Details	Url	87	http://360.net