ioc[.]one - OSINT Cyber Threat Intelligence Database

Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers

Tags

country:	Belarus
maec-delivery-vectors:	Watering Hole
attack-pattern:	Javascript - T1059.007 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Powershell - T1086 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	607d168c-bcb6-4347-8387-eb69a1d77bc2
Fingerprint	224cf5910bbae6a1
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 25, 2023, 4 p.m.
Added to db	Oct. 25, 2023, 6:13 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers
Title	Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers
Detected Hints/Tags/Attributes	31/3/4

Source URLs

	Redirection	Url
Details	Source	https://www.infosecurity-magazine.com/news/winter-vivern-zero-day-targets/

URL Provider

Details	Provider	Source level domain
Details	infosecurity-magazine.com	www.infosecurity-magazine.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	135	✔	—	https://infosecurity-magazine.com/rss/news/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	48		cve-2020-35730
Details	CVE	32		cve-2023-5631
Details	File	7		rcube_washtml.php
Details	Threat Actor Identifier - APT	783		APT28