RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks - CyberSRC
Tags
country: Slovakia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Reputational Harm Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID deb60e77-b277-40a9-a75d-4805fc626bba
Fingerprint b4b09910fa2fbee1
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2024, 4:39 a.m.
Added to db Nov. 27, 2024, 5:53 a.m.
Last updated Dec. 18, 2024, 11:37 p.m.
Headline RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
Title RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks - CyberSRC
Detected Hints/Tags/Attributes 105/3/11
Source URLs
Redirection Url
Details Source https://cybersrcc.com/2024/11/27/romcom-exploits-zero-day-firefox-and-windows-flaws-in-sophisticated-cyberattacks/
URL Provider
Details Provider Source level domain
Details cybersrcc.com cybersrcc.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 94 CyberSRC https://cybersrcc.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 10 
UAC-0180
Details CVE 88 
cve-2024-9680
Details CVE 80 
cve-2024-49039
Details CVE 130 
cve-2023-36884
Details Domain 6 
economistjournal.cloud
Details Domain 6 
redjournal.cloud
Details File 4 
poclowil.dll
Details Mandiant Uncategorized Groups 40 
UNC2596
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 97 
Storm-0978
Details Windows Registry Key 591 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Details Windows Registry Key 40 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run