AA24-241A : Joint Cybersecurity Advisory on Iran-based Cyber Actors Targeting US Organizations
Tags
cmtmf-attack-pattern: Command And Scripting Interpreter Exploit Public-Facing Application Scheduled Task/Job
country: United Arab Emirates Azerbaijan Iran Israel
attack-pattern: Data Additional Cloud Credentials - T1098.001 Command And Scripting Interpreter - T1623 Credentials - T1589.001 Domain Accounts - T1078.002 Domain Trust Discovery - T1482 Exploit Public-Facing Application - T1377 Exploits - T1587.004 Exploits - T1588.005 Local Accounts - T1078.003 Powershell - T1059.001 Remote Access Software - T1663 Scheduled Task - T1053.005 Scheduled Task/Job - T1603 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Account Manipulation - T1098 Command-Line Interface - T1059 Exploit Public-Facing Application - T1190 External Remote Services - T1133 Powershell - T1086 Query Registry - T1012 Remote Access Tools - T1219 Scheduled Task - T1053 Valid Accounts - T1078 Exploit Public-Facing Application External Remote Services Valid Accounts
Show in Graph
Common Information
Type Value
UUID 720ff07b-9951-4d4f-970a-fa4699a01c0f
Fingerprint b79cd555ea11c2a5
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 28, 2024, 9:14 a.m.
Added to db Aug. 31, 2024, 8:28 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline AA24-241A : Joint Cybersecurity Advisory on Iran-based Cyber Actors Targeting US Organizations
Title AA24-241A : Joint Cybersecurity Advisory on Iran-based Cyber Actors Targeting US Organizations
Detected Hints/Tags/Attributes 108/3/23
Source URLs
Redirection Url
Details Source https://www.tenable.com/blog/aa24-241a-joint-cybersecurity-advisory-on-iran-based-cyber-actors-targeting-us-organizations
URL Provider
Details Provider Source level domain
Details tenable.com www.tenable.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 244 Cyber Exposure Alerts https://tenable.com/blog/cyber-exposure-alerts/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 38 
cve-2024-3400
Details CVE 20 
cve-2024-24919
Details CVE 161 
cve-2019-19781
Details CVE 152 
cve-2023-3519
Details CVE 70 
cve-2022-1388
Details CVE 55 
cve-2024-21887
Details CVE 42 
cve-2023-46805
Details CVE 14 
cve-2024-21888
Details CVE 25 
cve-2024-21893
Details Domain 134 
shodan.io
Details Mandiant Uncategorized Groups 27 
UNC757
Details MITRE ATT&CK Techniques 501 
T1012
Details MITRE ATT&CK Techniques 460 
T1059.001
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 71 
T1078.002
Details MITRE ATT&CK Techniques 306 
T1078
Details MITRE ATT&CK Techniques 43 
T1078.003
Details MITRE ATT&CK Techniques 112 
T1098
Details MITRE ATT&CK Techniques 191 
T1133
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 141 
T1219
Details MITRE ATT&CK Techniques 124 
T1482
Details MITRE ATT&CK Techniques 542 
T1190