Pulse Detail-

VENOM: VM Escape (virtual floppy drive 0day)

概要

VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems. Exploitation of the VENOM vulnerability can expose access to corporate intellectual property (IP), in addition to sensitive and personally identifiable information (PII), potentially impacting the thousands of organizations and millions of end users that rely on affected VMs for the allocation of shared computing resources, as well as connectivity, storage, security, and privacy.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

ZeusVM: Bits and Pieces (score: 0.58)
Locky Ransomware Spreads via Flash and Windows Kernel Exploits (score: 0.53)
Malicious VBScript file delivers Pony Loader (score: 0.53)
iOS Sandbox Vulnerability Puts Enterprise Data at Risk (score: 0.53)
Financial Threat Group Targets Volume Boot Record (score: 0.53)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 33.64

Matched TTPs:

T1491.002 - External Defacement
T1114 - Email Collection
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1588.001 - Malware
T1583.003 - Virtual Private Server
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1567.002 - Exfiltration to Cloud Storage
T1585 - Establish Accounts
T1046 - Network Service Discovery
T1588.005 - Exploits

MITREへのリンク →

Sandworm Team

Score: 30.06

Matched TTPs:

T1491.002 - External Defacement
T1587.001 - Malware
T1588.006 - Vulnerabilities
T1082 - System Information Discovery
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1199 - Trusted Relationship
T1588.002 - Tool
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1499 - Endpoint Denial of Service

MITREへのリンク →

Silent Librarian

Score: 4.47

Matched TTPs:

T1114 - Email Collection
T1588.002 - Tool

MITREへのリンク →

Magic Hound

Score: 22.28

Matched TTPs:

T1114 - Email Collection
T1082 - System Information Discovery
T1562 - Impair Defenses
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1573 - Encrypted Channel
T1592.002 - Software
T1189 - Drive-by Compromise
T1046 - Network Service Discovery

MITREへのリンク →

Scattered Spider

Score: 12.24

Matched TTPs:

T1114 - Email Collection
T1082 - System Information Discovery
T1588.001 - Malware
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

OilRig

Score: 20.41

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1497.001 - System Checks
T1082 - System Information Discovery
T1195 - Supply Chain Compromise
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery

MITREへのリンク →

Gamaredon Group

Score: 22.14

Matched TTPs:

T1025 - Data from Removable Media
T1497.001 - System Checks
T1082 - System Information Discovery
T1583.003 - Virtual Private Server
T1491.001 - Internal Defacement
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1027.004 - Compile After Delivery

MITREへのリンク →

APT28

Score: 37.81

Matched TTPs:

T1025 - Data from Removable Media
T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1210 - Exploitation of Remote Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token
T1669 - Wi-Fi Networks
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Turla

Score: 22.90

Matched TTPs:

T1025 - Data from Removable Media
T1587.001 - Malware
T1082 - System Information Discovery
T1584.003 - Virtual Private Server
T1588.001 - Malware
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1567.002 - Exfiltration to Cloud Storage
T1189 - Drive-by Compromise
T1078.003 - Local Accounts

MITREへのリンク →

Kimsuky

Score: 22.76

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1585 - Establish Accounts
T1027.002 - Software Packing
T1680 - Local Storage Discovery
T1588.005 - Exploits
T1078.003 - Local Accounts

MITREへのリンク →

FIN13

Score: 14.59

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1565 - Data Manipulation
T1046 - Network Service Discovery
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Moonstone Sleet

Score: 5.82

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1583.003 - Virtual Private Server

MITREへのリンク →

Indrik Spider

Score: 4.11

Matched TTPs:

T1587.001 - Malware
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Lazarus Group

Score: 26.27

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1491.001 - Internal Defacement
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1046 - Network Service Discovery
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories
T1680 - Local Storage Discovery
T1529 - System Shutdown/Reboot

MITREへのリンク →

Contagious Interview

Score: 15.97

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1583.003 - Virtual Private Server
T1497 - Virtualization/Sandbox Evasion
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1585 - Establish Accounts

MITREへのリンク →

UNC3886

Score: 44.13

Matched TTPs:

T1587.001 - Malware
T1675 - ESXi Administration Command
T1190 - Exploit Public-Facing Application
T1673 - Virtual Machine Discovery
T1588.001 - Malware
T1205.001 - Port Knocking
T1212 - Exploitation for Credential Access
T1068 - Exploitation for Privilege Escalation
T1587.004 - Exploits
T1203 - Exploitation for Client Execution
T1059.012 - Hypervisor CLI
T1037.004 - RC Scripts
T1505.006 - vSphere Installation Bundles

MITREへのリンク →

LuminousMoth

Score: 10.08

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Salt Typhoon

Score: 4.41

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

APT29

Score: 32.01

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1199 - Trusted Relationship
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1090.004 - Domain Fronting
T1651 - Cloud Administration Command
T1037.004 - RC Scripts
T1027.002 - Software Packing
T1078.003 - Local Accounts

MITREへのリンク →

Play

Score: 8.29

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1078.003 - Local Accounts

MITREへのリンク →

Aoqin Dragon

Score: 6.49

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

RedCurl

Score: 13.51

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1199 - Trusted Relationship
T1039 - Data from Network Shared Drive
T1046 - Network Service Discovery
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Moses Staff

Score: 5.62

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

Ke3chang

Score: 9.47

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

Mustang Panda

Score: 28.04

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1176.002 - IDE Extensions
T1219.001 - IDE Tunneling
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1567.002 - Exfiltration to Cloud Storage
T1046 - Network Service Discovery
T1518 - Software Discovery
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories

MITREへのリンク →

TeamTNT

Score: 14.49

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1611 - Escape to Host
T1027.002 - Software Packing
T1046 - Network Service Discovery
T1680 - Local Storage Discovery

MITREへのリンク →

FIN7

Score: 19.84

Matched TTPs:

T1587.001 - Malware
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1497.002 - User Activity Based Checks
T1210 - Exploitation of Remote Services
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1564.001 - Hidden Files and Directories
T1078.003 - Local Accounts

MITREへのリンク →

Medusa Group

Score: 17.52

Matched TTPs:

T1652 - Device Driver Discovery
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1027.002 - Software Packing
T1046 - Network Service Discovery
T1529 - System Shutdown/Reboot

MITREへのリンク →

Evilnum

Score: 3.44

Matched TTPs:

T1497.001 - System Checks

MITREへのリンク →

Volt Typhoon

Score: 33.21

Matched TTPs:

T1497.001 - System Checks
T1588.006 - Vulnerabilities
T1584.003 - Virtual Private Server
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1587.004 - Exploits
T1614 - System Location Discovery
T1027.002 - Software Packing
T1046 - Network Service Discovery
T1518 - Software Discovery
T1680 - Local Storage Discovery

MITREへのリンク →

Darkhotel

Score: 15.88

Matched TTPs:

T1497.001 - System Checks
T1082 - System Information Discovery
T1497 - Virtualization/Sandbox Evasion
T1497.002 - User Activity Based Checks
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Storm-0501

Score: 10.59

Matched TTPs:

T1588.006 - Vulnerabilities
T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1567.002 - Exfiltration to Cloud Storage
T1027.002 - Software Packing

MITREへのリンク →

HAFNIUM

Score: 24.16

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1199 - Trusted Relationship
T1068 - Exploitation for Privilege Escalation
T1567.002 - Exfiltration to Cloud Storage
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token
T1078.003 - Local Accounts

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Windigo

Score: 5.72

Matched TTPs:

T1082 - System Information Discovery
T1189 - Drive-by Compromise
T1518 - Software Discovery

MITREへのリンク →

BlackByte

Score: 17.04

Matched TTPs:

T1082 - System Information Discovery
T1562 - Impair Defenses
T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1491.001 - Internal Defacement
T1068 - Exploitation for Privilege Escalation
T1046 - Network Service Discovery

MITREへのリンク →

ZIRCONIUM

Score: 7.37

Matched TTPs:

T1082 - System Information Discovery
T1068 - Exploitation for Privilege Escalation
T1567.002 - Exfiltration to Cloud Storage
T1027.002 - Software Packing

MITREへのリンク →

APT41

Score: 8.84

Matched TTPs:

T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing
T1046 - Network Service Discovery

MITREへのリンク →

Blue Mockingbird

Score: 3.52

Matched TTPs:

T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1588.002 - Tool

MITREへのリンク →

HEXANE

Score: 6.81

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1518 - Software Discovery

MITREへのリンク →

TA2541

Score: 6.57

Matched TTPs:

T1082 - System Information Discovery
T1588.001 - Malware
T1588.002 - Tool
T1027.002 - Software Packing

MITREへのリンク →

Rocke

Score: 16.91

Matched TTPs:

T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1055.002 - Portable Executable Injection
T1027.004 - Compile After Delivery
T1027.002 - Software Packing
T1046 - Network Service Discovery
T1564.001 - Hidden Files and Directories

MITREへのリンク →

APT37

Score: 8.09

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1529 - System Shutdown/Reboot

MITREへのリンク →

APT32

Score: 14.51

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1046 - Network Service Discovery
T1564.001 - Hidden Files and Directories
T1078.003 - Local Accounts

MITREへのリンク →

Inception

Score: 6.29

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

Higaisa

Score: 5.53

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery

MITREへのリンク →

CURIUM

Score: 5.49

Matched TTPs:

T1082 - System Information Discovery
T1583.003 - Virtual Private Server
T1189 - Drive-by Compromise

MITREへのリンク →

APT38

Score: 9.49

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1529 - System Shutdown/Reboot

MITREへのリンク →

MuddyWater

Score: 14.13

Matched TTPs:

T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.004 - Compile After Delivery
T1518 - Software Discovery

MITREへのリンク →

APT3

Score: 4.75

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

Sidewinder

Score: 5.45

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

APT42

Score: 4.58

Matched TTPs:

T1082 - System Information Discovery
T1583.003 - Virtual Private Server
T1588.002 - Tool

MITREへのリンク →

SideCopy

Score: 8.08

Matched TTPs:

T1082 - System Information Discovery
T1614 - System Location Discovery
T1518 - Software Discovery

MITREへのリンク →

APT19

Score: 3.82

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1189 - Drive-by Compromise

MITREへのリンク →

FIN8

Score: 4.15

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation

MITREへのリンク →

Tropic Trooper

Score: 19.00

Matched TTPs:

T1082 - System Information Discovery
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1518 - Software Discovery
T1564.001 - Hidden Files and Directories
T1680 - Local Storage Discovery
T1078.003 - Local Accounts

MITREへのリンク →

Aquatic Panda

Score: 4.51

Matched TTPs:

T1082 - System Information Discovery
T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

Winter Vivern

Score: 6.96

Matched TTPs:

T1082 - System Information Discovery
T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1189 - Drive-by Compromise

MITREへのリンク →

Sowbug

Score: 4.24

Matched TTPs:

T1082 - System Information Discovery
T1039 - Data from Network Shared Drive

MITREへのリンク →

Wizard Spider

Score: 6.81

Matched TTPs:

T1082 - System Information Discovery
T1210 - Exploitation of Remote Services
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Patchwork

Score: 10.20

Matched TTPs:

T1082 - System Information Discovery
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1680 - Local Storage Discovery

MITREへのリンク →

Windshift

Score: 5.72

Matched TTPs:

T1082 - System Information Discovery
T1189 - Drive-by Compromise
T1518 - Software Discovery

MITREへのリンク →

Threat Group-3390

Score: 19.00

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution
T1567.002 - Exfiltration to Cloud Storage
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1046 - Network Service Discovery

MITREへのリンク →

BackdoorDiplomacy

Score: 6.54

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.001 - Malware
T1588.002 - Tool
T1046 - Network Service Discovery

MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.22

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1199 - Trusted Relationship

MITREへのリンク →

BlackTech

Score: 5.58

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery

MITREへのリンク →

Sea Turtle

Score: 15.37

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1199 - Trusted Relationship
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.004 - Compile After Delivery
T1078.003 - Local Accounts

MITREへのリンク →

Fox Kitten

Score: 12.45

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive
T1585 - Establish Accounts
T1046 - Network Service Discovery

MITREへのリンク →

Cinnamon Tempest

Score: 4.33

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Agrius

Score: 3.24

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1046 - Network Service Discovery

MITREへのリンク →

menuPass

Score: 12.61

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1210 - Exploitation of Remote Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1046 - Network Service Discovery

MITREへのリンク →

ToddyCat

Score: 6.32

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1567.002 - Exfiltration to Cloud Storage
T1680 - Local Storage Discovery

MITREへのリンク →

GALLIUM

Score: 4.37

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1027.002 - Software Packing

MITREへのリンク →

Earth Lusca

Score: 11.30

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.001 - Malware
T1210 - Exploitation of Remote Services
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage
T1189 - Drive-by Compromise

MITREへのリンク →

Leviathan

Score: 10.59

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1587.004 - Exploits
T1203 - Exploitation for Client Execution
T1567.002 - Exfiltration to Cloud Storage
T1189 - Drive-by Compromise

MITREへのリンク →

INC Ransom

Score: 4.08

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1046 - Network Service Discovery

MITREへのリンク →

Dragonfly

Score: 10.85

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1210 - Exploitation of Remote Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Axiom

Score: 11.79

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.003 - Virtual Private Server
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1001.002 - Steganography

MITREへのリンク →

APT39

Score: 6.14

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1027.002 - Software Packing
T1046 - Network Service Discovery

MITREへのリンク →

LAPSUS$

Score: 10.67

Matched TTPs:

T1588.001 - Malware
T1583.003 - Virtual Private Server
T1199 - Trusted Relationship
T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

APT1

Score: 3.31

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool

MITREへのリンク →

Andariel

Score: 9.56

Matched TTPs:

T1588.001 - Malware
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

TA505

Score: 5.36

Matched TTPs:

T1588.001 - Malware
T1588.002 - Tool
T1027.002 - Software Packing

MITREへのリンク →

Equation

Score: 8.67

Matched TTPs:

T1542.002 - Component Firmware
T1564.005 - Hidden File System

MITREへのリンク →

Gorgon Group

Score: 4.98

Matched TTPs:

T1055.002 - Portable Executable Injection
T1588.002 - Tool

MITREへのリンク →

Saint Bear

Score: 7.39

Matched TTPs:

T1497 - Virtualization/Sandbox Evasion
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

PROMETHIUM

Score: 8.56

Matched TTPs:

T1205.001 - Port Knocking
T1189 - Drive-by Compromise
T1078.003 - Local Accounts

MITREへのリンク →

Tonto Team

Score: 6.34

Matched TTPs:

T1210 - Exploitation of Remote Services
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution

MITREへのリンク →

POLONIUM

Score: 5.61

Matched TTPs:

T1199 - Trusted Relationship
T1588.002 - Tool
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

DarkVishnya

Score: 7.15

Matched TTPs:

T1588.002 - Tool
T1200 - Hardware Additions
T1046 - Network Service Discovery

MITREへのリンク →

BITTER

Score: 8.06

Matched TTPs:

T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution

MITREへのリンク →

Leafminer

Score: 4.38

Matched TTPs:

T1588.002 - Tool
T1189 - Drive-by Compromise
T1046 - Network Service Discovery

MITREへのリンク →

BRONZE BUTLER

Score: 9.89

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1518 - Software Discovery

MITREへのリンク →

FIN6

Score: 4.71

Matched TTPs:

T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1046 - Network Service Discovery

MITREへのリンク →

Cobalt Group

Score: 6.20

Matched TTPs:

T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery

MITREへのリンク →

FIN10

Score: 3.52

Matched TTPs:

T1588.002 - Tool
T1078.003 - Local Accounts

MITREへのリンク →

APT33

Score: 4.44

Matched TTPs:

T1588.002 - Tool
T1068 - Exploitation for Privilege Escalation
T1203 - Exploitation for Client Execution

MITREへのリンク →

Chimera

Score: 10.49

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1567.002 - Exfiltration to Cloud Storage
T1046 - Network Service Discovery
T1680 - Local Storage Discovery

MITREへのリンク →

PLATINUM

Score: 3.86

Matched TTPs:

T1068 - Exploitation for Privilege Escalation
T1189 - Drive-by Compromise

MITREへのリンク →

MoustachedBouncer

Score: 4.15

Matched TTPs:

T1068 - Exploitation for Privilege Escalation
T1027.002 - Software Packing

MITREへのリンク →

The White Company

Score: 3.55

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

Confucius

Score: 6.34

Matched TTPs:

T1203 - Exploitation for Client Execution
T1567.002 - Exfiltration to Cloud Storage
T1680 - Local Storage Discovery

MITREへのリンク →

Transparent Tribe

Score: 5.92

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Elderwood

Score: 5.31

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1027.002 - Software Packing

MITREへのリンク →

APT17

Score: 3.44

Matched TTPs:

T1585 - Establish Accounts

MITREへのリンク →

Dark Caracal

Score: 3.82

Matched TTPs:

T1189 - Drive-by Compromise
T1027.002 - Software Packing

MITREへのリンク →

Velvet Ant

Score: 10.64

Matched TTPs:

T1037.004 - RC Scripts
T1078.003 - Local Accounts
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

UNC3886

Score: 0.86

Matched TTPs:

T1037.004 - RC Scripts
T1588.001 - Malware
T1205.001 - Port Knocking
T1203 - Exploitation for Client Execution
T1505.006 - vSphere Installation Bundles
T1675 - ESXi Administration Command
T1673 - Virtual Machine Discovery
T1068 - Exploitation for Privilege Escalation
T1587.004 - Exploits
T1190 - Exploit Public-Facing Application
T1212 - Exploitation for Credential Access
T1059.012 - Hypervisor CLI
T1587.001 - Malware

MITREへのリンク →

APT28

Score: 0.69

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1211 - Exploitation for Defense Evasion
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1669 - Wi-Fi Networks
T1068 - Exploitation for Privilege Escalation
T1564.001 - Hidden Files and Directories
T1199 - Trusted Relationship
T1583.003 - Virtual Private Server
T1025 - Data from Removable Media
T1550.001 - Application Access Token
T1190 - Exploit Public-Facing Application
T1189 - Drive-by Compromise

MITREへのリンク →

Volt Typhoon

Score: 0.66

Matched TTPs:

T1588.002 - Tool
T1614 - System Location Discovery
T1027.002 - Software Packing
T1497.001 - System Checks
T1587.004 - Exploits
T1588.006 - Vulnerabilities
T1068 - Exploitation for Privilege Escalation
T1518 - Software Discovery
T1680 - Local Storage Discovery
T1046 - Network Service Discovery
T1584.003 - Virtual Private Server
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Ember Bear

Score: 0.60

Matched TTPs:

T1491.002 - External Defacement
T1588.001 - Malware
T1195 - Supply Chain Compromise
T1588.005 - Exploits
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1046 - Network Service Discovery
T1583.003 - Virtual Private Server
T1585 - Establish Accounts
T1114 - Email Collection
T1190 - Exploit Public-Facing Application
T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

Sandworm Team

Score: 0.59

Matched TTPs:

T1588.002 - Tool
T1592.002 - Software
T1491.002 - External Defacement
T1195 - Supply Chain Compromise
T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1588.006 - Vulnerabilities
T1499 - Endpoint Denial of Service
T1199 - Trusted Relationship
T1190 - Exploit Public-Facing Application
T1587.001 - Malware

MITREへのリンク →

APT29

Score: 0.59

Matched TTPs:

T1588.002 - Tool
T1573 - Encrypted Channel
T1027.002 - Software Packing
T1203 - Exploitation for Client Execution
T1068 - Exploitation for Privilege Escalation
T1651 - Cloud Administration Command
T1199 - Trusted Relationship
T1190 - Exploit Public-Facing Application
T1037.004 - RC Scripts
T1078.003 - Local Accounts
T1587.001 - Malware
T1090.004 - Domain Fronting

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

VENOM: VM Escape (virtual floppy drive 0day)

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ