深入剖析针对中国用户的 SLOW#TEMPEST 攻击活动
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 62fa3298-9336-4d19-8337-d3e5978499e7 |
| Fingerprint | 1062a0cca38a58de |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 20, 2024, midnight |
| Added to db | Aug. 31, 2024, 5 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | 深入剖析针对中国用户的 SLOW#TEMPEST 攻击活动 |
| Title | 深入剖析针对中国用户的 SLOW#TEMPEST 攻击活动 |
| Detected Hints/Tags/Attributes | 33/2/28 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://cn-sec.com/archives/3115901.html |
| Details | Source | https://cn-sec.com/archives/3115901.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 483 | ✔ | CN-SEC 中文网 | https://cn-sec.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 13 | www.securonix.com |
|
| Details | Domain | 280 | thehackernews.com |
|
| Details | Domain | 138 | www.securityweek.com |
|
| Details | Domain | 99 | therecord.media |
|
| Details | File | 9 | 违规远程控制软件人员名单.docx |
|
| Details | File | 10 | licensingui.exe |
|
| Details | File | 24 | dui70.dll |
|
| Details | File | 8 | lld.exe |
|
| Details | File | 2 | new-cyberattack-targets-chinese.html |
|
| Details | File | 4 | threat-actors-target-middle-east-using-fake-tool.html |
|
| Details | File | 2 | north-korean-hackers-target-developers.html |
|
| Details | File | 3 | cyberattackers-exploit-google-sheets.html |
|
| Details | File | 1 | atlassian-confluence-vulnerability.html |
|
| Details | IPv4 | 6 | 123.207.74.22 |
|
| Details | Url | 1 | https://www.securonix.com/blog/from-cobalt-strike-to-mimikatz-slowtempest |
|
| Details | Url | 2 | https://thehackernews.com/2024/08/new-cyberattack-targets-chinese.html |
|
| Details | Url | 2 | https://www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa |
|
| Details | Url | 1 | https://www.securityweek.com/iranian-hackers-use-new-tickler-malware-to-collect-intel-from-us-uae |
|
| Details | Url | 4 | https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html |
|
| Details | Url | 2 | https://www.darkreading.com/threat-intelligence/irans-fox-kitten-group-aids-ransomware-attacks-on-us-targets |
|
| Details | Url | 2 | https://thehackernews.com/2024/08/north-korean-hackers-target-developers.html |
|
| Details | Url | 3 | https://thehackernews.com/2024/08/cyberattackers-exploit-google-sheets.html |
|
| Details | Url | 2 | https://www.securityweek.com/us-government-issues-advisory-on-ransomware-group-blamed-for-halliburton-cyberattack |
|
| Details | Url | 1 | https://www.securityweek.com/blackbyte-ransomware-gang-believed-to-be-more-active-than-leak-site-suggests |
|
| Details | Url | 1 | https://therecord.media/avtech-zero-day-cctv-cameras-mirai-botnet-variant |
|
| Details | Url | 1 | https://thehackernews.com/2024/08/atlassian-confluence-vulnerability.html |
|
| Details | Url | 2 | https://www.securityweek.com/fortra-patches-critical-vulnerability-in-filecatalyst-workflow |
|
| Details | Url | 2 | https://www.securityweek.com/critical-flaws-in-progress-software-whatsup-gold-expose-systems-to-full-compromise |