Trusted Design

Microsoft Office Zero-Day CVE-2015-2424 Leveraged By Tsar Team

概要

Yesterday, Microsoft patched CVE-2015-2424, a vulnerability in Microsoft Office discovered by iSIGHT Partners while monitoring the Russian cyber espionage team we call Tsar Team. When we found the exploit it appeared to be under development and evidence suggests it was deployed in Georgia. Following discovery, we alerted our customers and began working with Microsoft through the responsible disclosure process.

Created: 2026-02-23

Indicators

類似Pulses

CVE-2015-0097 Exploited in the Wild (score: 0.72)
Ongoing analysis of unknown exploit targeting Office 2007-2013 (score: 0.70)
EPS Processing Zero-Days Exploited by Multiple Threat Actors (score: 0.68)
MS Office exploit analysis – CVE-2015-1641 (score: 0.65)
Microsoft Office OLE2Link vulnerability samples - a quick triage (score: 0.63)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 5.98

Matched TTPs:

T1069 - Permission Groups Discovery
T1082 - System Information Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

Scattered Spider

Score: 4.49

Matched TTPs:

T1069 - Permission Groups Discovery
T1082 - System Information Discovery

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

Volt Typhoon

Score: 7.13

Matched TTPs:

T1069 - Permission Groups Discovery
T1588.006 - Vulnerabilities

MITREへのリンク →

APT3

Score: 5.98

Matched TTPs:

T1069 - Permission Groups Discovery
T1082 - System Information Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN13

Score: 4.49

Matched TTPs:

T1069 - Permission Groups Discovery
T1082 - System Information Discovery

MITREへのリンク →

Sandworm Team

Score: 6.54

Matched TTPs:

T1588.006 - Vulnerabilities
T1082 - System Information Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

Storm-0501

Score: 5.05

Matched TTPs:

T1588.006 - Vulnerabilities
T1082 - System Information Discovery

MITREへのリンク →

Blue Mockingbird

Score: 5.74

Matched TTPs:

T1082 - System Information Discovery
T1574.012 - COR_PROFILER

MITREへのリンク →

Kimsuky

Score: 9.18

Matched TTPs:

T1082 - System Information Discovery
T1587 - Develop Capabilities
T1588.005 - Exploits

MITREへのリンク →

TeamTNT

Score: 5.74

Matched TTPs:

T1082 - System Information Discovery
T1610 - Deploy Container

MITREへのリンク →

Contagious Interview

Score: 5.05

Matched TTPs:

T1082 - System Information Discovery
T1587 - Develop Capabilities

MITREへのリンク →

Moonstone Sleet

Score: 5.05

Matched TTPs:

T1082 - System Information Discovery
T1587 - Develop Capabilities

MITREへのリンク →

APT28

Score: 6.03

Matched TTPs:

T1203 - Exploitation for Client Execution
T1137.002 - Office Test

MITREへのリンク →

Ember Bear

Score: 5.63

Matched TTPs:

T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1082 - System Information Discovery
T1588.005 - Exploits
T1587 - Develop Capabilities

MITREへのリンク →

Volt Typhoon

Score: 0.64

Matched TTPs:

T1588.006 - Vulnerabilities
T1069 - Permission Groups Discovery

MITREへのリンク →

Sandworm Team

Score: 0.60

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1588.006 - Vulnerabilities

MITREへのリンク →

APT28

Score: 0.60

Matched TTPs:

T1203 - Exploitation for Client Execution
T1137.002 - Office Test

MITREへのリンク →

APT41

Score: 0.58

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1069 - Permission Groups Discovery

MITREへのリンク →

APT3

Score: 0.56

Matched TTPs:

T1082 - System Information Discovery
T1203 - Exploitation for Client Execution
T1069 - Permission Groups Discovery

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る