mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add CL-STA-0043
This commit is contained in:
parent
d3836318a2
commit
ed0d3c6f57
1 changed files with 11 additions and 0 deletions
|
@ -13138,6 +13138,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "8959fbb4-95f0-485d-bba2-db9140b95386",
|
"uuid": "8959fbb4-95f0-485d-bba2-db9140b95386",
|
||||||
"value": "UNC4841"
|
"value": "UNC4841"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "CL-STA-0043 is a highly skilled and sophisticated threat actor, believed to be a nation-state, targeting governmental entities in the Middle East and Africa. They exploit vulnerabilities in on-premises Internet Information Services and Microsoft Exchange servers to infiltrate target networks. They engage in reconnaissance, locate vital assets, and have been observed using native Windows tools for privilege escalation.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.securonix.com/blog/securonix-threat-labs-monthly-intelligence-insights-june-2023/",
|
||||||
|
"https://www.paloaltonetworks.com/blog/security-operations/through-the-cortex-xdr-lens-uncovering-a-new-activity-group-targeting-governments-in-the-middle-east-and-africa/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "5d0aee14-f18a-44da-a44d-28d950f06b9c",
|
||||||
|
"value": "CL-STA-0043"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 294
|
"version": 294
|
||||||
|
|
Loading…
Reference in a new issue