Bluepurple Pulse: week ending January 15th
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 6c7ba359-4b8f-4807-8d12-4ab1e868f365 |
| Fingerprint | b48101418ba6b7c1 |
| Analysis status | IN_PROGRESS |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 12, 2023, midnight |
| Added to db | May 26, 2023, 7:06 p.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Cyber Defence Analysis for Blue & Purple Teams |
| Title | Bluepurple Pulse: week ending January 15th |
| Detected Hints/Tags/Attributes | 259/4/79 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 76 | ✔ | Cyber Defence Analysis for Blue & Purple Teams | https://bluepurple.binaryfirefly.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 11 | cve-2015-2291 |
|
| Details | CVE | 16 | cve-2022-44877 |
|
| Details | CVE | 30 | cve-2022-46169 |
|
| Details | CVE | 90 | cve-2022-42475 |
|
| Details | Domain | 21 | blog.group-ib.com |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 38 | blog.netlab.360.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 59 | www.cybereason.com |
|
| Details | Domain | 124 | www.sentinelone.com |
|
| Details | Domain | 141 | research.checkpoint.com |
|
| Details | Domain | 2 | posts.bluraven.io |
|
| Details | Domain | 2 | www.inversecos.com |
|
| Details | Domain | 2 | winternl.com |
|
| Details | Domain | 19 | www.trustedsec.com |
|
| Details | Domain | 67 | gitlab.com |
|
| Details | Domain | 2 | invictus-ir.medium.com |
|
| Details | Domain | 71 | blogs.jpcert.or.jp |
|
| Details | Domain | 72 | aws.amazon.com |
|
| Details | Domain | 58 | redcanary.com |
|
| Details | Domain | 4 | systemweakness.com |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 15 | blog.aquasec.com |
|
| Details | Domain | 1 | blog.delivr.to |
|
| Details | Domain | 1 | sugarclub.sugarcrm.com |
|
| Details | Domain | 2 | tomforb.es |
|
| Details | Domain | 1 | blog.xorhex.com |
|
| Details | Domain | 8 | developers.facebook.com |
|
| Details | File | 1 | detecting-fake-events-in-azure-sign-in.html |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 9 | win32u.dll |
|
| Details | File | 1 | cloud_malware_analysis.html |
|
| Details | Github username | 1 | matthw |
|
| Details | Github username | 1 | dallasfr |
|
| Details | Github username | 1 | weak1337 |
|
| Details | Github username | 1 | d1rkmtr |
|
| Details | Github username | 3 | mhaskar |
|
| Details | Github username | 1 | paulnorman01 |
|
| Details | Github username | 2 | numanturle |
|
| Details | Github username | 7 | cacti |
|
| Details | Github username | 3 | blasty |
|
| Details | Github username | 1 | vitoplantamura |
|
| Details | Github username | 1 | brexhq |
|
| Details | Gitlab username | 1 | bontchev |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Url | 2 | https://blog.group-ib.com/dark-pink-apt |
|
| Details | Url | 1 | https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users |
|
| Details | Url | 1 | https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges |
|
| Details | Url | 1 | https://unit42.paloaltonetworks.com/purpleurchin-steals-cloud-resources |
|
| Details | Url | 1 | https://www.cybereason.com/blog/threat-analysis-from-icedid-to-domain-compromise |
|
| Details | Url | 1 | https://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal |
|
| Details | Url | 4 | https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt |
|
| Details | Url | 1 | https://posts.bluraven.io/advanced-kql-for-threat-hunting-window-functions-part-1-14ac09353ad3 |
|
| Details | Url | 1 | https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html |
|
| Details | Url | 2 | https://winternl.com/detecting-manual-syscalls-from-user-mode |
|
| Details | Url | 3 | https://www.trustedsec.com/blog/a-lapse-in-judgement |
|
| Details | Url | 1 | https://gitlab.com/bontchev/bpfdscan |
|
| Details | Url | 1 | https://invictus-ir.medium.com/responding-to-an-attack-in-aws-9048a1a551ac |
|
| Details | Url | 1 | https://blogs.jpcert.or.jp/en/2023/01/cloud_malware_analysis.html |
|
| Details | Url | 1 | https://aws.amazon.com/about-aws/whats-new/2023/01/amazon-s3-automatically-encrypts-new-objects |
|
| Details | Url | 1 | https://redcanary.com/blog/ebpf-malware |
|
| Details | Url | 1 | https://systemweakness.com/detection-engineering-automation-chatgpt-a84ea5b044a1 |
|
| Details | Url | 1 | https://github.com/matthw/malware_analysis/tree/main/brc4 |
|
| Details | Url | 1 | https://blog.aquasec.com/can-you-trust-your-vscode-extensions |
|
| Details | Url | 1 | https://github.com/dallasfr/walkergate |
|
| Details | Url | 1 | https://blog.delivr.to/html-smuggling-recent-observations-of-threat-actor-techniques-74501d5c8a06 |
|
| Details | Url | 1 | https://github.com/weak1337/alcatraz |
|
| Details | Url | 1 | https://github.com/d1rkmtr/unhookingpatch |
|
| Details | Url | 1 | https://github.com/mhaskar/dnskeygen |
|
| Details | Url | 1 | https://github.com/paulnorman01/forensia |
|
| Details | Url | 2 | https://github.com/numanturle/cve-2022-44877 |
|
| Details | Url | 5 | https://github.com/cacti/cacti/security/advisories/ghsa-6p93-p743-35gf |
|
| Details | Url | 1 | https://github.com/blasty/lexmark |
|
| Details | Url | 1 | https://sugarclub.sugarcrm.com/engage/b/sugar-news/posts/jan-5-2023-security-vulnerability-update |
|
| Details | Url | 1 | https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys |
|
| Details | Url | 1 | https://blog.xorhex.com/blog/z3-simplify-obfuscation |
|
| Details | Url | 1 | https://github.com/vitoplantamura/bugchecker |
|
| Details | Url | 1 | https://github.com/brexhq/substation |
|
| Details | Url | 1 | https://developers.facebook.com/blog/post/2022/11/22/hermit-deterministic-linux-testing |