ioc[.]one - OSINT Cyber Threat Intelligence Database

Windows Warns of Storm-0501 Group Deploying Ransomware to Hybrid Cloud Environments

Tags

country:	Australia Cyprus North Korea Netherlands Germany Hong Kong Sweden Singapore United Kingdom United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Remote Desktop Protocol - T1021.001 Social Media - T1593.001 Vulnerabilities - T1588.006 Remote Desktop Protocol - T1076 Windows Management Instrumentation - T1047

Show in Graph

Common Information

Type	Value
UUID	a883b4f0-698f-4ce8-8463-bcdfcfa327ed
Fingerprint	83bb05732fb2afcb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 4, 2024, 1:20 p.m.
Added to db	Oct. 4, 2024, 4:05 p.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	Windows Warns of Storm-0501 Group Deploying Ransomware to Hybrid Cloud Environments
Title	Windows Warns of Storm-0501 Group Deploying Ransomware to Hybrid Cloud Environments
Detected Hints/Tags/Attributes	98/3/19

Source URLs

	Redirection	Url
Details	Source	https://www.picussecurity.com/resource/blog/windows-warns-of-storm-0501-group-deploying-ransomware-to-hybrid-cloud-environments

URL Provider

Details	Provider	Source level domain
Details	picussecurity.com	www.picussecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	352	✔	Resources-2	https://www.picussecurity.com/resource/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	36		cve-2024-7593
Details	CVE	61		cve-2024-43461
Details	CVE	76		cve-2022-47966
Details	CVE	116		cve-2023-4966
Details	CVE	25		cve-2023-29300
Details	CVE	30		cve-2023-38203
Details	Domain	9		ston.fi
Details	Domain	39		www.helpnetsecurity.com
Details	Domain	280		thehackernews.com
Details	File	3		north-korean-hackers-target.html
Details	Mandiant Temporary Group Assumption	44		TEMP.HERMIT
Details	Mandiant Uncategorized Groups	44		UNC2970
Details	Microsoft Threat Actor Naming Taxonomy (Groups in development)	36		Storm-0501
Details	Microsoft Threat Actor Naming Taxonomy (Groups in development)	11		Storm-0494
Details	Microsoft Threat Actor Naming Taxonomy (Groups in development)	4		storm-0501
Details	Url	1		https://www.helpnetsecurity.com/2024/09/25/cve-2024-7593-exploited/.
Details	Url	1		https://www.microsoft.com/en-us/security/blog/2024/09/26/storm-0501-ransomware-attacks-expanding-to-hybrid-cloud-environments/.
Details	Url	1		https://www.bleepingcomputer.com/news/microsoft/microsoft-vanilla-tempest-hackers-hit-healthcare-with-inc-ransomware/.
Details	Url	3		https://thehackernews.com/2024/09/north-korean-hackers-target.html