Block another North Korean Supply Chain attack #379

summercms · 2023-11-25T15:21:34Z

Enhancement idea

Block another North Korean Supply Chain attack.

Description

The National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking group breaches companies using a zero-day vulnerability in the MagicLine4NX software to conduct supply-chain attacks.

Links

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-040a

IOC

I2P websites

n/a

IPFS websites

n/a

Tor2web websites

n/a

TOR websites

n/a

URL's

n/a

Folders

n/a

Sub-Domains

n/a

Domains

xpopup.pe.kr
xpopup.com

IP's

115.68.95.128
119.205.197.111

Emails

n/a

Wallet addresses

n/a

Mining pool addresses

n/a

The text was updated successfully, but these errors were encountered:

summercms added Code Update 🔔 Code Update In-progress In-progress Priority: Medium Priority: Medium enhancement 👍 New feature or request labels Nov 25, 2023

summercms mentioned this issue Nov 25, 2023

Block another North Korean Supply Chain attack #380

Merged

summercms added FINSIHED FINSIHED Testing - Passed Testing - Passed and removed In-progress In-progress labels Nov 25, 2023

summercms closed this as completed Nov 25, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Block another North Korean Supply Chain attack #379

Block another North Korean Supply Chain attack #379

summercms commented Nov 25, 2023 •

edited

Loading

Block another North Korean Supply Chain attack #379

Block another North Korean Supply Chain attack #379

Comments

summercms commented Nov 25, 2023 • edited Loading

Enhancement idea

Description

Links

IOC

I2P websites

IPFS websites

Tor2web websites

TOR websites

URL's

Folders

Sub-Domains

Domains

IP's

Emails

Wallet addresses

Mining pool addresses

summercms commented Nov 25, 2023 •

edited

Loading