The Weekly Threat Round-up 07/04/2025 -13/04/2025
Tags
country: | China Russia Taiwan Ukraine |
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | eefa1700-370a-441e-bfe9-3bd5df627b72 |
Fingerprint | 9e91ac15db11ba89 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | April 13, 2025, 9:09 a.m. |
Added to db | April 13, 2025, 12:07 p.m. |
Last updated | April 17, 2025, 11:19 p.m. |
Headline | The Weekly Threat Round-up 07/04/2025 -13/04/2025 |
Title | The Weekly Threat Round-up 07/04/2025 -13/04/2025 |
Detected Hints/Tags/Attributes | 57/3/27 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CERT Ukraine | 8 | UAC-0226 | |
Details | CVE | 26 | cve-2021-35587 | |
Details | CVE | 55 | cve-2025-22457 | |
Details | CVE | 58 | cve-2025-29824 | |
Details | CVE | 13 | cve-2024-48887 | |
Details | Domain | 214 | www.securityweek.com | |
Details | Domain | 409 | thehackernews.com | |
Details | Domain | 44 | socprime.com | |
Details | Domain | 170 | securityaffairs.com | |
Details | Domain | 490 | securelist.com | |
Details | File | 1 | uac-0226-deploys-giftedcrook-stealer.html | |
Details | File | 1 | microsoft-patches-126-flaws-including.html | |
Details | File | 1 | fortinet-fortiswitch-flaw.html | |
Details | File | 35 | doc.exe | |
Details | File | 1 | paper-werewolf-deploys-powermodul.html | |
Details | Mandiant Uncategorized Groups | 62 | UNC5221 | |
Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 24 | Storm-2460 | |
Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 3 | Storm-0300 | |
Details | Url | 1 | https://www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk | |
Details | Url | 1 | https://www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances | |
Details | Url | 1 | https://thehackernews.com/2025/04/uac-0226-deploys-giftedcrook-stealer.html | |
Details | Url | 1 | https://socprime.com/blog/detect-uac-0226-attacks-against-ukraine | |
Details | Url | 1 | https://thehackernews.com/2025/04/microsoft-patches-126-flaws-including.html | |
Details | Url | 1 | https://securityaffairs.com/176380/security/fortinet-fortiswitch-flaw.html | |
Details | Url | 1 | https://www.securityweek.com/china-admitted-to-us-that-it-conducted-volt-typhoon-attacks-report | |
Details | Url | 1 | https://securelist.com/goffee-apt-new-attacks/116139 | |
Details | Url | 1 | https://thehackernews.com/2025/04/paper-werewolf-deploys-powermodul.html | |