Ошибка Microsoft SharePoint RCE использовалась для взлома корпоративной сети - SEC-1275-1
Tags
attack-pattern: | Sharepoint - T1213.002 Connection Proxy - T1090 |
Common Information
Type | Value |
---|---|
UUID | e32bdf8b-f6c3-461b-b83e-19bc0457da5d |
Fingerprint | 3d19e5251eb77919 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Nov. 6, 2024, midnight |
Added to db | Nov. 6, 2024, 7:26 a.m. |
Last updated | Dec. 18, 2024, 9:53 p.m. |
Headline | Ошибка Microsoft SharePoint RCE использовалась для взлома корпоративной сети |
Title | Ошибка Microsoft SharePoint RCE использовалась для взлома корпоративной сети - SEC-1275-1 |
Detected Hints/Tags/Attributes | 6/1/12 |
Source URLs
URL Provider
Details | Provider | Source level domain |
---|---|---|
Details | 1275.ru | 1275.ru |
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 32 | cve-2024-38094 |
|
Details | sha256 | 2 | 1beec8cecd28fdf9f7e0fc5fb9226b360934086ded84f69e3d542d1362e3fdf3 |
|
Details | sha256 | 6 | 61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1 |
|
Details | sha256 | 2 | 6ce228240458563d73c1c3cbbd04ef15cb7c5badacc78ce331848f5431b406cc |
|
Details | sha256 | 2 | 95cc0b082fcfc366a7de8030a6325c099d8012533a3234edbdf555df082413c7 |
|
Details | sha256 | 2 | acb5de5a69c06b7501f86c0522d10fefa9c34776c7535e937e946c6abfc9bbc6 |
|
Details | sha256 | 2 | d18aa84b7bf0efde9c6b5db2a38ab1ec9484c59c5284c0bd080f5197bf9388b0 |
|
Details | sha256 | 2 | d3a6ed07bd3b52c62411132d060560f9c0c88ce183851f16b632a99b4d4e7581 |
|
Details | sha256 | 3 | e451287843b3927c6046eaabd3e22b929bc1f445eec23a73b1398b115d02e4fb |
|
Details | sha256 | 2 | f618b09c0908119399d14f80fc868b002b987006f7c76adbcec1ac11b9208940 |
|
Details | IPv4 | 2 | 18.195.61.200 |
|
Details | IPv4 | 2 | 54.255.89.118 |