安全事件周报 2023-09-11 第37周
Tags
| country: | Sudan Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Models Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | a204c113-27a0-4671-813b-32f4f7397cdd |
| Fingerprint | edc571cb5723ecd3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 11, 2023, midnight |
| Added to db | Oct. 23, 2023, 1:08 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | 安全事件周报 2023-09-11 第37周 |
| Title | 安全事件周报 2023-09-11 第37周 |
| Detected Hints/Tags/Attributes | 84/3/101 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 263 | ✔ | 三六零CERT | https://wechat2rss.xlab.app/feed/2dbce2e5f7b49dc8415db7a0ab325929e0f5d8c3.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT 360 CN | 1 | CERT-R-2023-414 |
|
| Details | CVE | 76 | cve-2022-47966 |
|
| Details | CVE | 22 | cve-2023-41064 |
|
| Details | CVE | 12 | cve-2023-41061 |
|
| Details | CVE | 5 | cve-2023-20238 |
|
| Details | CVE | 23 | cve-2023-20269 |
|
| Details | CVE | 17 | cve-2023-26369 |
|
| Details | CVE | 13 | cve-2023-36761 |
|
| Details | CVE | 21 | cve-2023-36802 |
|
| Details | CVE | 3 | cve-2023-3893 |
|
| Details | CVE | 3 | cve-2023-3955 |
|
| Details | CVE | 41 | cve-2023-3676 |
|
| Details | Domain | 138 | www.darkreading.com |
|
| Details | Domain | 137 | securityaffairs.com |
|
| Details | Domain | 133 | www.infosecurity-magazine.com |
|
| Details | Domain | 84 | www.zscaler.com |
|
| Details | Domain | 272 | outlook.com |
|
| Details | Domain | 208 | mp.weixin.qq.com |
|
| Details | Domain | 1 | starmap.dbappsecurity.com.cn |
|
| Details | Domain | 91 | 360.net |
|
| Details | Domain | 100 | cert.360.cn |
|
| Details | File | 1 | russian-journalists-iphone-pegasus-spyware.html |
|
| Details | File | 384 | www.inf |
|
| Details | File | 1 | mayanei-hayeshua-hospital.html |
|
| Details | File | 1 | save-the-children-cyber-attack.html |
|
| Details | File | 1 | mgm-resorts-cyber-attack.html |
|
| Details | File | 1 | repojacking-attack-github-repositories.html |
|
| Details | File | 1 | fortinet-fortios-zoho-attacks.html |
|
| Details | File | 1 | cve-2023-20269-cisco-asa-e-ftd.html |
|
| Details | File | 1 | adobe-zero-day-acrobat-reader.html |
|
| Details | File | 1 | kubernetes-flaws-rce.html |
|
| Details | File | 1 | top-universities-cybersecurity-failures.html |
|
| Details | File | 1 | rhysida-ransomware-us-hospitals.html |
|
| Details | File | 1 | starmap.db |
|
| Details | File | 1 | largest-ddos-us-financial-company.html |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 115 | Storm-0558 |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 12 | Storm-0324 |
|
| Details | Threat Actor Identifier - APT-C | 30 | APT-C-26 |
|
| Details | Threat Actor Identifier - APT-Q | 3 | APT-Q-77 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 121 | APT36 |
|
| Details | Threat Actor Identifier - APT | 181 | APT33 |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/evil-telegram-spyware-campaign-infects-60k-mobile-users |
|
| Details | Url | 2 | https://www.darkreading.com/application-security/steal-it-campaign-onlyfans-models-lures |
|
| Details | Url | 1 | https://www.darkreading.com/endpoint/millions-facebook-business-accounts-python-malware |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/when-lockbit-ransomware-fails-attackers-deploy-brand-new-3am |
|
| Details | Url | 1 | https://securityaffairs.com/150816/intelligence/russian-journalists-iphone-pegasus-spyware.html |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/fake-cisco-webex-google-ads-abuse-tracking-templates-to-push-malware |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/3am-ransomware-variant-discovered |
|
| Details | Url | 1 | https://securityaffairs.com/150540/hacking/mayanei-hayeshua-hospital.html |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/manchester-police-officers-data-exposed-in-ransomware-attack |
|
| Details | Url | 1 | https://www.darkreading.com/dr-global/iranian-apt-hits-us-aviation-org-via-manageengine-fortinet-bugs |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/redfly-group-compromises-national |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/windows-targeted-multi-stage |
|
| Details | Url | 1 | https://securityaffairs.com/150750/cyber-crime/save-the-children-cyber-attack.html |
|
| Details | Url | 1 | https://securityaffairs.com/150701/hacking/mgm-resorts-cyber-attack.html |
|
| Details | Url | 1 | https://securityaffairs.com/150713/hacking/repojacking-attack-github-repositories.html |
|
| Details | Url | 2 | https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor |
|
| Details | Url | 5 | https://www.zscaler.com/blogs/security-research/peek-apt36-s-updated-arsenal |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/apple-patches-two-zerodays-pegasus |
|
| Details | Url | 1 | https://www.darkreading.com/vulnerabilities-threats/critical-security-bug-cisco-broadworks-complete-takeover |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/microsoft-ids-security-gaps-that-let-threat-actor-steal-signing-key |
|
| Details | Url | 1 | https://securityaffairs.com/150508/hacking/fortinet-fortios-zoho-attacks.html |
|
| Details | Url | 1 | https://securityaffairs.com/150516/hacking/cve-2023-20269-cisco-asa-e-ftd.html |
|
| Details | Url | 1 | https://securityaffairs.com/150733/security/adobe-zero-day-acrobat-reader.html |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/us-government-ordered-patch-apple |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/fixes-two-zeroday-bugs-used-attacks |
|
| Details | Url | 1 | https://www.darkreading.com/application-security/microsoft-azure-hdinsight-xss-vulnerabilities |
|
| Details | Url | 1 | https://www.darkreading.com/vulnerabilities-threats/kubernetes-admins-warned-to-patch-clusters-against-new-rce-vulns |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/cloud-cves-surge-200-in-a-year |
|
| Details | Url | 1 | https://securityaffairs.com/150807/hacking/kubernetes-flaws-rce.html |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/north-korean-campaign-targets |
|
| Details | Url | 1 | https://securityaffairs.com/150596/security/top-universities-cybersecurity-failures.html |
|
| Details | Url | 3 | https://mp.weixin.qq.com/s/nmtqww-jhkdkbwfpydfpra |
|
| Details | Url | 3 | https://mp.weixin.qq.com/s/qr8ljrz9d7rgj9xh9vpctg |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/recent-rhysida-attacks-show-focus-on-healthcare-sector-by-ransomware-actors |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/microsoft-teams-phishing-campaign |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/lack-cyber-experts-uk-government |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/q287vb0sc8xfcrmsor-o7w |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/mgm-casinos-esxi-servers-allegedly-encrypted-in-ransomware-attack |
|
| Details | Url | 2 | https://mp.weixin.qq.com/s/g9bhq2of0ixa9lzy-lpfeg |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/pentagon-urges-cyber-defense-collab |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/ico-ncsc-share-anonymized-threat |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/cisa-plan-enhance-open-source |
|
| Details | Url | 1 | https://www.darkreading.com/iot/federal-mandates-on-medical-device-cybersecurity-mandate-get-serious |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/ransomware-sri-lanka-government |
|
| Details | Url | 1 | https://securityaffairs.com/150585/cyber-crime/rhysida-ransomware-us-hospitals.html |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/lazarus-group-targets-macos-supply |
|
| Details | Url | 1 | https://www.darkreading.com/dr-global/israeli-hospital-hit-by-attackers-1tb-data-stolen |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/auckland-transport-authority-hit-by-suspected-ransomware-attack |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/caesars-entertainment-confirms-ransom-payment-customer-data-theft |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/regulator-fertility-app-security |
|
| Details | Url | 1 | https://www.infosecurity-magazine.com/news/russian-nine-year-sentence-hacking |
|
| Details | Url | 1 | https://starmap.dbappsecurity.com.cn/blog/articles/2023/09/06/scarcruft-fukushima |
|
| Details | Url | 1 | https://www.darkreading.com/endpoint/phishers-abuse-google-looker-studio-dmarc-email-security |
|
| Details | Url | 1 | https://securityaffairs.com/150570/cyber-crime/largest-ddos-us-financial-company.html |
|
| Details | Url | 1 | https://www.darkreading.com/dr-global/irans-charming-kitten-israeli-exchange-servers |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/anonymous-sudan-sets-sights-telegram-ddos-attack |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/iranian-hackers-breach-defense-orgs-in-password-spray-attacks |
|
| Details | Url | 87 | http://360.net |
|
| Details | Url | 93 | https://cert.360.cn |