mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add TiltedTemple
This commit is contained in:
parent
93d9db10a3
commit
a08311c5f1
1 changed files with 16 additions and 0 deletions
|
@ -13288,6 +13288,22 @@
|
|||
},
|
||||
"uuid": "41243ff2-e4f1-4605-9259-ab494c1c8c04",
|
||||
"value": "Moshen Dragon"
|
||||
},
|
||||
{
|
||||
"description": "One of their notable tools is a custom backdoor called SockDetour, which operates filelessly and socketlessly on compromised Windows servers. The group's activities have been linked to the exploitation of vulnerabilities in Zoho ManageEngine ADSelfService Plus and ServiceDesk Plus.",
|
||||
"meta": {
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://unit42.paloaltonetworks.com/sockdetour/",
|
||||
"https://blog.fox-it.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access/",
|
||||
"https://www.microsoft.com/en-us/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/"
|
||||
],
|
||||
"synonyms": [
|
||||
"DEV-0322"
|
||||
]
|
||||
},
|
||||
"uuid": "aca6b3d2-1c3b-4674-9de8-975e35723bcf",
|
||||
"value": "TiltedTemple"
|
||||
}
|
||||
],
|
||||
"version": 294
|
||||
|
|
Loading…
Reference in a new issue