ioc[.]one - OSINT Cyber Threat Intelligence Database

安全事件周报 2024-03-04 第10周

Tags

country:	Switzerland Germany Moldova Russia Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Models Confluence - T1213.001 Credentials - T1589.001 Firmware - T1592.003 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566

Show in Graph

Common Information

Type	Value
UUID	63717439-c18a-47c6-8fe6-681d7ea6d4cd
Fingerprint	8abe085a8a952c59
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 4, 2024, midnight
Added to db	Aug. 31, 2024, 9:05 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	安全事件周报 2024-03-04 第10周
Title	安全事件周报 2024-03-04 第10周
Detected Hints/Tags/Attributes	100/3/96

Source URLs

	Redirection	Url
Details	Source	https://mp.weixin.qq.com/s?__biz=MzU5MjEzOTM3NA==&mid=2247504048&idx=1&sn=cee2a91b693a797f564fe9cce57b0aa8&chksm=fe26d5b1c9515ca77ec241793a9728e614c4f55a7bb27269a178427b5c96bd4959f9b043b982&scene=58&subscene=0#rd

URL Provider

Details	Provider	Source level domain
Details	qq.com	mp.weixin.qq.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	263	✔	三六零CERT	https://wechat2rss.xlab.app/feed/2dbce2e5f7b49dc8415db7a0ab325929e0f5d8c3.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CERT 360 CN	1	CERT-R-2024-736
Details	CVE	25	cve-2024-1708
Details	CVE	29	cve-2024-1709
Details	CVE	122	cve-2022-26134
Details	CVE	17	cve-2023-29360
Details	CVE	42	cve-2023-46805
Details	CVE	9	cve-2024-27199
Details	CVE	16	cve-2024-27198
Details	CVE	4	cve-2024-23225
Details	CVE	7	cve-2024-23296
Details	CVE	8	cve-2024-22252
Details	CVE	5	cve-2024-22253
Details	Domain	280	thehackernews.com
Details	Domain	137	securityaffairs.com
Details	Domain	133	www.infosecurity-magazine.com
Details	Domain	208	mp.weixin.qq.com
Details	Domain	91	360.net
Details	Domain	100	cert.360.cn
Details	File	1	new-bifrose-linux-malware-variant-using.html
Details	File	1	nso-group-vs-meta-pegasus-hand-over.html
Details	File	1	over-100-malicious-aiml-models-found-on.html
Details	File	1	hackers-exploit-connectwise.html
Details	File	384	www.inf
Details	File	1	snake-info-stealer.html
Details	File	1	over-225000-compromised-chatgpt.html
Details	File	1	new-phishing-kit-leverages-sms-voice.html
Details	File	1	phobos-ransomware-aggressively.html
Details	File	1	ukraine-gur-hacked-russian-ministry-of-defense.html
Details	File	1	hackers-exploit-misconfigured-yarn.html
Details	File	1	new-apt-group-lotus-bane-behind-recent.html
Details	File	1	moldova-warns-of-hybrid-attacks-from-russia.html
Details	File	1	hacked-wordpress-sites-abusing-visitors.html
Details	File	5	mskssrv.sys
Details	File	1	fiveeye-warns-ivanti-gateways-attacks.html
Details	File	1	critical-jetbrains-teamcity-on-premises.html
Details	File	1	vmware-issues-security-patches-for-esxi.html
Details	File	1	us-charged-iranian-national.html
Details	File	1	germany-police-seized-crimemarket.html
Details	File	1	cisa-phobos-ransomware-attacks.html
Details	Threat Actor Identifier - APT	132	APT32
Details	Threat Actor Identifier - APT	115	APT43
Details	Url	1	https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/stealthy-gtpdoor-linux-malware-targets-mobile-operator-networks
Details	Url	1	https://securityaffairs.com/159847/security/nso-group-vs-meta-pegasus-hand-over.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddleshark-malware
Details	Url	1	https://thehackernews.com/2024/03/over-100-malicious-aiml-models-found-on.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/new-wograt-malware-abuses-online-notepad-service-to-store-malware
Details	Url	1	https://thehackernews.com/2024/03/hackers-exploit-connectwise.html
Details	Url	1	https://www.kroll.com/en/insights/publications/cyber/screenconnect-vulnerability-exploited-to-deploy-babyshark
Details	Url	1	https://www.infosecurity-magazine.com/news/linux-malware-targets-docker
Details	Url	1	https://www.darkreading.com/cloud-security/stealthy-bifrost-rat-linux-variants-use-typosquatting-to-evade-detection-
Details	Url	1	https://securityaffairs.com/160131/malware/snake-info-stealer.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/american-express-credit-cards-exposed-in-third-party-data-breach
Details	Url	1	https://thehackernews.com/2024/03/over-225000-compromised-chatgpt.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/hackers-target-fcc-crypto-firms-in-advanced-okta-phishing-attacks
Details	Url	1	https://thehackernews.com/2024/03/new-phishing-kit-leverages-sms-voice.html
Details	Url	1	https://thehackernews.com/2024/03/phobos-ransomware-aggressively.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/ukraine-claims-it-hacked-russian-ministry-of-defense-servers
Details	Url	1	https://www.bleepingcomputer.com/news/security/north-korea-hacks-two-south-korean-chip-firms-to-steal-engineering-data
Details	Url	1	https://www.bleepingcomputer.com/news/security/hackers-steal-windows-ntlm-authentication-hashes-in-phishing-attacks
Details	Url	1	https://securityaffairs.com/159981/cyber-warfare-2/ukraine-gur-hacked-russian-ministry-of-defense.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/hackers-impersonate-us-government-agencies-in-bec-attacks
Details	Url	1	https://thehackernews.com/2024/03/hackers-exploit-misconfigured-yarn.html
Details	Url	1	https://thehackernews.com/2024/03/new-apt-group-lotus-bane-behind-recent.html
Details	Url	1	https://www.infosecurity-magazine.com/news/ta4903s-phishing-target-us-entities
Details	Url	1	https://www.bleepingcomputer.com/news/security/petsmart-warns-of-credential-stuffing-attacks-trying-to-hack-accounts
Details	Url	1	https://www.infosecurity-magazine.com/news/evasive-panda-targets-tibet
Details	Url	1	https://securityaffairs.com/160112/cyber-warfare-2/moldova-warns-of-hybrid-attacks-from-russia.html
Details	Url	1	https://thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/cisa-warns-of-microsoft-streaming-bug-exploited-in-malware-attacks
Details	Url	1	https://securityaffairs.com/159807/hacking/fiveeye-warns-ivanti-gateways-attacks.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/exploit-available-for-new-critical-teamcity-auth-bypass-bug-patch-now
Details	Url	1	https://www.bleepingcomputer.com/news/apple/apple-fixes-two-new-ios-zero-days-exploited-in-attacks-on-iphones
Details	Url	1	https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html
Details	Url	1	https://thehackernews.com/2024/03/vmware-issues-security-patches-for-esxi.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/flipper-zero-wifi-phishing-attack-can-unlock-and-steal-tesla-cars
Details	Url	1	https://www.bleepingcomputer.com/news/security/anycubic-fixes-exploited-3d-printer-zero-day-flaw-with-new-firmware
Details	Url	1	https://securityaffairs.com/159837/hacking/us-charged-iranian-national.html
Details	Url	1	https://hunt.io/blog/open-directory-exposes-phishing-campaign-targeting-google-and-naver-credentials
Details	Url	1	https://www.infosecurity-magazine.com/news/skype-google-meet-zoom-trojan-scam
Details	Url	1	https://www.bleepingcomputer.com/news/security/fbi-us-lost-record-125-billion-to-online-crime-in-2023
Details	Url	1	https://securityaffairs.com/159813/cyber-crime/germany-police-seized-crimemarket.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/nsa-shares-zero-trust-guidance-to-limit-adversaries-on-the-network
Details	Url	1	https://www.bleepingcomputer.com/news/security/cisa-nsa-share-best-practices-for-securing-cloud-services
Details	Url	1	https://securityaffairs.com/159822/cyber-crime/cisa-phobos-ransomware-attacks.html
Details	Url	1	https://www.bleepingcomputer.com/news/security/switzerland-play-ransomware-leaked-65-000-government-documents
Details	Url	2	https://mp.weixin.qq.com/s/yzd0avq2wzi-v-eb73f6lq
Details	Url	1	https://www.bleepingcomputer.com/news/security/blackcat-ransomware-turns-off-servers-amid-claim-they-stole-22-million-ransom
Details	Url	1	https://www.infosecurity-magazine.com/news/hacktivist-collective-noname057
Details	Url	1	https://www.bleepingcomputer.com/news/technology/facebook-and-instagram-outage-logs-out-users-passwords-not-working
Details	Url	1	https://www.bleepingcomputer.com/news/legal/us-sanctions-predator-spyware-operators-for-spying-on-americans
Details	Url	1	https://www.bleepingcomputer.com/news/security/hackers-abuse-qemu-to-covertly-tunnel-network-traffic-in-cyberattacks
Details	Url	1	https://www.infosecurity-magazine.com/news/eu-cyber-solidarity-incident
Details	Url	1	https://www.infosecurity-magazine.com/news/us-sanctions-predator-spywaremaker
Details	Url	87	http://360.net
Details	Url	93	https://cert.360.cn