Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits | Microsoft Security Blog
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 87f1bb17-93a8-4839-82ed-80cd269cd2f9 |
| Fingerprint | a5302c3318af86e3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 27, 2022, 7 a.m. |
| Added to db | Oct. 24, 2023, 1:42 p.m. |
| Last updated | Oct. 16, 2024, 3:19 a.m. |
| Headline | Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits |
| Title | Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits | Microsoft Security Blog |
| Detected Hints/Tags/Attributes | 121/4/14 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 19 | cve-2022-22047 |
|
| Details | CVE | 10 | cve-2021-31199 |
|
| Details | CVE | 9 | cve-2021-31201 |
|
| Details | CVE | 11 | cve-2021-28550 |
|
| Details | CVE | 6 | cve-2021-36948 |
|
| Details | CVE | 2 | cve-2022-2204 |
|
| Details | Domain | 2 | vultrobjects.com |
|
| Details | Domain | 2 | acrobatrelay.com |
|
| Details | Domain | 2 | demo3.dsirf.eu |
|
| Details | Domain | 2 | debugmex.dsirflabs.eu |
|
| Details | Domain | 2 | szstaging.dsirflabs.eu |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 10 | DEV-0196 |
|
| Details | Windows Registry Key | 7 | HKLM\SOFTWARE\Classes\CLSID |
|
| Details | Windows Registry Key | 19 | HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest |