Security Incident Weekly Report 2023-07-10, Week 28
Common Information
Type Value
UUID 90fa5049-a4c5-42bd-97ad-619442cdc39e
Fingerprint 39d66959ffc4e7d6
Analysis status DONE
Considered CTI value 2
Text language
Published July 10, 2023, midnight
Added to db July 17, 2023, 1:01 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Security Incident Weekly Report 2023-07-10, Week 28
Title Security Incident Weekly Report 2023-07-10, Week 28
Detected Hints/Tags/Attributes 78/3/106
Attributes
Details Type #Events CTI Value
Details CERT 360 CN 1
CERT-R-2023-282
Details CERT Ukraine 14
UAC-0057
Details CVE 4
cve-2023-31998
Details CVE 119
cve-2023-36884
Details CVE 21
cve-2023-20864
Details CVE 50
cve-2023-37450
Details CVE 6
cve-2023-3664
Details CVE 19
cve-2023-33308
Details CVE 6
cve-2023-24492
Details CVE 11
cve-2023-20214
Details CVE 13
cve-2023-35829
Details Domain 133
www.infosecurity-magazine.com
Details Domain 137
securityaffairs.com
Details Domain 3
razer.com
Details Domain 138
www.darkreading.com
Details Domain 83
cert.gov.ua
Details Domain 224
unit42.paloaltonetworks.com
Details Domain 71
blogs.jpcert.or.jp
Details Domain 21
lab52.io
Details Domain 208
mp.weixin.qq.com
Details Domain 91
360.net
Details Domain 100
cert.360.cn
Details File 384
www.inf
Details File 1
romcom-rat-groups-supporting-ukraine.html
Details File 1
microsoft-blocked-storm-0558-attack.html
Details File 1
The attack targets computers that have python or node.js installed
Details File 2
dangerouspassword_dev.html
Details File 2
android-actively-exploited-flaws-fixed.html
Details File 1
revolut-payment-systems-flaw.html
Details File 1
ubiquiti-edgerouter-flaw.html
Details File 2
vmware-vmware-rce-exploit.html
Details File 1
office-zero-day-cve-2023-36884.html
Details File 1
fortinet-fortios-fortiproxy-critical-bug-2.html
Details File 1
citrix-critical-flaw-secure-access-client-for-ubuntu.html
Details File 1
sonicwall-critical-flaws-gms-analytics.html
Details File 1
zimbra-collaboration-suite-zeroday.html
Details File 1
ta453-malware-windows-macos.html
Details File 1
cl0p-hacker-operating-from-russia-ukraine.html
Details File 1
antidetect-tooling-mobile-fraud.html
Details IPv4 12
2.5.0.4
Details Mandiant Temporary Group Assumption 35
TEMP.HEX
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 115
Storm-0558
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 9
storm-0558
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 79
Storm-0978
Details Threat Actor Identifier - APT 194
APT35
Details Threat Actor Identifier - APT 665
APT29
Details Url 1
https://www.infosecurity-magazine.com/news/us-canadian-truebot-activity
Details Url 1
https://www.infosecurity-magazine.com/news/malicious-npm-packages-support-1
Details Url 1
https://securityaffairs.com/148324/intelligence/romcom-rat-groups-supporting-ukraine.html
Details Url 2
https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory
Details Url 1
https://www.bleepingcomputer.com/news/security/source-code-for-blacklotus-windows-uefi-malware-leaked-on-github
Details Url 1
https://www.infosecurity-magazine.com/news/twitter-user-exposes-nickelodeon
Details Url 1
https://www.bleepingcomputer.com/news/security/razer-investigates-data-breach-claims-resets-user-sessions
Details Url 1
https://www.bleepingcomputer.com/news/security/deutsche-bank-confirms-provider-breach-exposed-customer-data
Details Url 1
https://www.darkreading.com/dr-global/bangladesh-government-website-leaks-personal-data
Details Url 1
https://www.darkreading.com/attacks-breaches/11m-hca-healthcare-patients-impacted-data-breach
Details Url 3
https://cert.gov.ua/article/5098518
Details Url 1
https://securityaffairs.com/148387/hacking/microsoft-blocked-storm-0558-attack.html
Details Url 4
https://unit42.paloaltonetworks.com/cloaked-ursa-phishing
Details Url 1
https://blogs.jpcert.or.jp/ja/2023/07/dangerouspassword_dev.html
Details Url 1
https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver
Details Url 2
https://securityaffairs.com/148286/mobile-2/android-actively-exploited-flaws-fixed.html
Details Url 1
https://securityaffairs.com/148315/breaking-news/revolut-payment-systems-flaw.html
Details Url 1
https://securityaffairs.com/148334/hacking/ubiquiti-edgerouter-flaw.html
Details Url 1
https://www.bleepingcomputer.com/news/security/microsoft-unpatched-office-zero-day-exploited-in-nato-summit-attacks
Details Url 2
https://securityaffairs.com/148346/hacking/vmware-vmware-rce-exploit.html
Details Url 1
https://www.darkreading.com/endpoint/apple-rapid-zero-day-patch-causes-safari-issues
Details Url 1
https://www.darkreading.com/application-security/microsoft-discloses--zero-days-in-voluminous-july-security-update
Details Url 1
https://www.bleepingcomputer.com/news/security/critical-rce-found-in-popular-ghostscript-open-source-pdf-library
Details Url 2
https://www.bleepingcomputer.com/news/security/sonicwall-warns-admins-to-patch-critical-auth-bypass-bugs-immediately
Details Url 1
https://securityaffairs.com/148380/hacking/office-zero-day-cve-2023-36884.html
Details Url 1
https://securityaffairs.com/148395/hacking/fortinet-fortios-fortiproxy-critical-bug-2.html
Details Url 1
https://securityaffairs.com/148405/security/citrix-critical-flaw-secure-access-client-for-ubuntu.html
Details Url 1
https://www.bleepingcomputer.com/news/security/cisco-sd-wan-vmanage-impacted-by-unauthenticated-rest-api-access
Details Url 1
https://securityaffairs.com/148411/security/sonicwall-critical-flaws-gms-analytics.html
Details Url 1
https://securityaffairs.com/148429/hacking/zimbra-collaboration-suite-zeroday.html
Details Url 1
https://www.infosecurity-magazine.com/news/ransomware-healthcare-cyber-threats
Details Url 3
https://www.bleepingcomputer.com/news/security/new-big-head-ransomware-displays-fake-windows-update-alert
Details Url 2
https://www.bleepingcomputer.com/news/security/charming-kitten-hackers-use-new-noknok-malware-for-macos
Details Url 1
https://securityaffairs.com/148275/apt/ta453-malware-windows-macos.html
Details Url 2
https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
Details Url 1
https://www.darkreading.com/operations/analysts-cybersecurity-funding-uptick-2h-2023
Details Url 5
https://cert.gov.ua/article/5105791
Details Url 3
https://lab52.io/blog/beyond-appearances-unknown-actor-using-apt29s-ttp-against-chinese-users
Details Url 3
https://mp.weixin.qq.com/s/uyv4x-46dkkpx76uzqytmg
Details Url 1
https://threatmon.io/from-slides-to-threats-transparent-tribes-new-attack-on-indian-government-entities-using-malicious-ppt
Details Url 1
https://securityaffairs.com/148399/cyber-crime/cl0p-hacker-operating-from-russia-ukraine.html
Details Url 1
https://www.infosecurity-magazine.com/news/mandiant-russian-gru-cyber
Details Url 1
https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023
Details Url 1
https://www.infosecurity-magazine.com/news/hsbc-quantum-secure-network
Details Url 1
https://www.darkreading.com/endpoint/deepfake-quantum-ai-investment-facebook
Details Url 1
https://www.darkreading.com/endpoint/amazon-prime-day-cyber-scammers
Details Url 1
https://www.darkreading.com/dr-tech/nist-launches-generative-ai-working-group
Details Url 1
https://www.bleepingcomputer.com/news/microsoft/microsoft-rebrands-azure-active-directory-to-microsoft-entra-id
Details Url 1
https://www.bleepingcomputer.com/news/security/github-goes-passwordless-announces-passkeys-beta-preview
Details Url 1
https://www.infosecurity-magazine.com/news/cvss-version-unveiled-cyber-threats
Details Url 1
https://www.bleepingcomputer.com/news/google/google-play-will-enforce-business-checks-to-curb-malware-submissions
Details Url 1
https://www.bleepingcomputer.com/news/security/former-employee-charged-for-attacking-water-treatment-plant
Details Url 1
https://www.darkreading.com/dr-global/apt35-mac-bespoke-malware
Details Url 1
https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-policy-to-load-malicious-kernel-drivers
Details Url 1
https://securityaffairs.com/148341/cyber-crime/antidetect-tooling-mobile-fraud.html
Details Url 1
https://www.bleepingcomputer.com/news/security/russian-state-hackers-lure-western-diplomats-with-bmw-car-ads
Details Url 1
https://www.infosecurity-magazine.com/news/white-house-plan-us-national-cyber
Details Url 1
https://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware
Details Url 87
http://360.net
Details Url 93
https://cert.360.cn