mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
add: Nexus Zeta is no stranger when it comes to implementing SOAP
relatedrelated exploit ;-)
This commit is contained in:
parent
5070314aae
commit
193b474ad2
1 changed files with 5 additions and 1 deletions
|
@ -2264,6 +2264,10 @@
|
||||||
},
|
},
|
||||||
"value": "Dark Caracal",
|
"value": "Dark Caracal",
|
||||||
"description": "Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor, who at the time of writing is believed to be administered out of a building belonging to the Lebanese General Security Directorate in Beirut. At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims. Stolen data includes enterprise intellectual property and personally identifiable information."
|
"description": "Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor, who at the time of writing is believed to be administered out of a building belonging to the Lebanese General Security Directorate in Beirut. At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims. Stolen data includes enterprise intellectual property and personally identifiable information."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "Nexus Zeta",
|
||||||
|
"description": "Nexus Zeta is no stranger when it comes to implementing SOAP related exploits. The threat actor has already been observed in implementing two other known SOAP related exploits, CVE-2014–8361 and CVE-2017–17215 in his Satori botnet project. A third SOAP exploit, TR-069 bug has also been observed previously in IoT botnets. This makes EDB 38722 the fourth SOAP related exploit which is discovered in the wild by IoT botnets."
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"name": "Threat actor",
|
"name": "Threat actor",
|
||||||
|
@ -2278,5 +2282,5 @@
|
||||||
],
|
],
|
||||||
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
||||||
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
|
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
|
||||||
"version": 31
|
"version": 33
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue