Bluepurple Pulse: week ending April 23rd
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e4a6ab11-130a-499b-a90b-b4ef184dc4bc |
| Fingerprint | 24108d9989219f88 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 22, 2023, midnight |
| Added to db | June 5, 2023, 2:38 p.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Cyber Defence Analysis for Blue & Purple Teams |
| Title | Bluepurple Pulse: week ending April 23rd |
| Detected Hints/Tags/Attributes | 252/4/89 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 76 | ✔ | Cyber Defence Analysis for Blue & Purple Teams | https://bluepurple.binaryfirefly.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 34 | cve-2017-6742 |
|
| Details | CVE | 5 | cve-2023-28808 |
|
| Details | CVE | 6 | cve-2023-29084 |
|
| Details | CVE | 4 | cve-2023-25135 |
|
| Details | CVE | 2 | cve-2021-1657 |
|
| Details | Domain | 55 | blog.google |
|
| Details | Domain | 10 | informnapalm.org |
|
| Details | Domain | 8 | cip.gov.ua |
|
| Details | Domain | 98 | www.ncsc.gov.uk |
|
| Details | Domain | 11 | blog.virustotal.com |
|
| Details | Domain | 16 | www.zimperium.com |
|
| Details | Domain | 26 | www.jamf.com |
|
| Details | Domain | 20 | www.3cx.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 101 | www.group-ib.com |
|
| Details | Domain | 27 | www.uptycs.com |
|
| Details | Domain | 47 | go.recordedfuture.com |
|
| Details | Domain | 71 | news.sophos.com |
|
| Details | Domain | 8 | objective-see.org |
|
| Details | Domain | 124 | www.sentinelone.com |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 1 | syscalls.md |
|
| Details | Domain | 1 | iotrim.github.io |
|
| Details | Domain | 1 | marcusbotacin.github.io |
|
| Details | Domain | 8 | www.csa.gov.sg |
|
| Details | Domain | 13 | jvn.jp |
|
| Details | Domain | 1 | upb-syssec.github.io |
|
| Details | Domain | 1 | hnd3884.github.io |
|
| Details | Domain | 1 | john-millikin.com |
|
| Details | Domain | 12 | binaryfirefly.com |
|
| Details | 12 | hello@binaryfirefly.com |
||
| Details | File | 2 | advisory_apt28-exploits-known-vulnerability.pdf |
|
| Details | File | 4 | apt43-investigation-into-north-korean.html |
|
| Details | File | 1 | cta-2023-0420.pdf |
|
| Details | File | 2 | c:\program files\google\chrome under the name updater.exe |
|
| Details | File | 137 | conhost.exe |
|
| Details | File | 4 | blog_0x75.html |
|
| Details | File | 1 | safeguards.html |
|
| Details | File | 252 | www.cs |
|
| Details | Github username | 1 | markbaggett |
|
| Details | Github username | 4 | ufrisk |
|
| Details | Github username | 4 | tsale |
|
| Details | Github username | 17 | redcanaryco |
|
| Details | Github username | 1 | dodo-sec |
|
| Details | Github username | 1 | kudaes |
|
| Details | Github username | 5 | optiv |
|
| Details | Github username | 1 | ambionics |
|
| Details | Github username | 1 | vulnerabilityresearchcentre |
|
| Details | Interlab Threat Numbers | 6 | UCID902 |
|
| Details | Japan Vulnerability Notes JVNVU | 2 | JVNVU#98434809 |
|
| Details | Mandiant Uncategorized Groups | 59 | UNC4736 |
|
| Details | Threat Actor Identifier - APT-C | 83 | APT-C-36 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 115 | APT43 |
|
| Details | Url | 2 | https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023 |
|
| Details | Url | 3 | https://informnapalm.org/en/hacked-russian-gru-officer |
|
| Details | Url | 1 | https://cip.gov.ua/ua/news/systematicity-and-intensity-of-russia-s-cyberattacks-remain-high-report |
|
| Details | Url | 1 | https://cip.gov.ua/services/cm/api/attachment/download?id=53657 |
|
| Details | Url | 2 | https://www.ncsc.gov.uk/files/advisory_apt28-exploits-known-vulnerability.pdf |
|
| Details | Url | 4 | https://blog.virustotal.com/2023/04/apt43-investigation-into-north-korean.html |
|
| Details | Url | 1 | https://www.zimperium.com/blog/kimsuky-infamous-threat-actor-churns-out-more-advanced-malware |
|
| Details | Url | 6 | https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware |
|
| Details | Url | 1 | https://www.3cx.com/blog/news/mandiant-security-update2 |
|
| Details | Url | 5 | https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/analysis-reports/ar23-110a |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/alerts/2023/03/30/supply-chain-attack-against-3cxdesktopapp |
|
| Details | Url | 4 | https://www.group-ib.com/blog/muddywater-infrastructure |
|
| Details | Url | 3 | https://www.uptycs.com/blog/cyber_espionage_in_india_decoding_apt_36_new_linux_malware |
|
| Details | Url | 1 | https://go.recordedfuture.com/hubfs/reports/cta-2023-0420.pdf |
|
| Details | Url | 1 | https://news.sophos.com/en-us/2023/04/13/tax-firms-targeted-by-precision-malware-attacks |
|
| Details | Url | 3 | https://objective-see.org/blog/blog_0x75.html |
|
| Details | Url | 1 | https://www.sentinelone.com/blog/lockbit-for-mac-how-real-is-the-risk-of-macos-ransomware |
|
| Details | Url | 1 | https://github.com/markbaggett/srum-dump |
|
| Details | Url | 1 | https://github.com/ufrisk/memprocfs/releases/tag/v5.5 |
|
| Details | Url | 2 | https://github.com/tsale/edr-telemetry |
|
| Details | Url | 1 | https://github.com/redcanaryco/mac-monitor |
|
| Details | Url | 1 | https://github.com/dodo-sec/malware-analysis/blob/main/cobalt |
|
| Details | Url | 1 | https://iotrim.github.io/safeguards.html |
|
| Details | Url | 1 | https://marcusbotacin.github.io/publication/2022-01-01-paper-coproc-number-21 |
|
| Details | Url | 1 | https://www.csa.gov.sg/alerts-advisories/alerts/2023/al-2023-048 |
|
| Details | Url | 1 | https://jvn.jp/en/vu/jvnvu98434809 |
|
| Details | Url | 1 | https://upb-syssec.github.io/blog/2023/session-tickets |
|
| Details | Url | 1 | https://github.com/kudaes/fiber |
|
| Details | Url | 1 | https://github.com/optiv/scarecrow/releases/tag/v5.0 |
|
| Details | Url | 1 | https://hnd3884.github.io/posts/cve-2023-29084-command-injection-in-manageengine-admanager-plus |
|
| Details | Url | 1 | https://github.com/ambionics/vbulletin-exploits |
|
| Details | Url | 1 | https://github.com/vulnerabilityresearchcentre/patch-diffing-in-the-dark |
|
| Details | Url | 1 | https://john-millikin.com/running-sunos-4-in-qemu-sparc |