Trusted Design

Microsoft Office Zero-Day CVE-2015-2424 Leveraged By Tsar Team

Overview

Yesterday, Microsoft patched CVE-2015-2424, a vulnerability in Microsoft Office discovered by iSIGHT Partners while monitoring the Russian cyber espionage team we call Tsar Team. When we found the exploit, it appeared to be under development, and evidence suggests it was deployed in Georgia. Following discovery, we alerted our customers and began working with Microsoft through the responsible disclosure process.

Created: 2026-02-23

Indicators

Similar Pulses

Threat Actors Related to This Pulse (Fact-Based)

APT41

Score: 5.98
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery
  • T1218.010 - Regsvr32

Scattered Spider

Score: 4.49
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery

TA505

Score: 3.29
Matched TTPs:
  • T1560.003 - Archive via Custom Method

Volt Typhoon

Score: 7.13
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1686.003 - Windows Host Firewall

APT3

Score: 5.98
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery
  • T1218.010 - Regsvr32

FIN13

Score: 4.49
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery

Sandworm Team

Score: 6.54
Matched TTPs:
  • T1686.003 - Windows Host Firewall
  • T1120 - Peripheral Device Discovery
  • T1218.010 - Regsvr32

Storm-0501

Score: 5.05
Matched TTPs:
  • T1686.003 - Windows Host Firewall
  • T1120 - Peripheral Device Discovery

Blue Mockingbird

Score: 5.74
Matched TTPs:
  • T1120 - Peripheral Device Discovery
  • T1001.001 - Junk Data

Kimsuky

Score: 9.18
Matched TTPs:
  • T1120 - Peripheral Device Discovery
  • T1126 - Network Share Connection Removal
  • T1003.003 - NTDS

TeamTNT

Score: 5.74
Matched TTPs:
  • T1120 - Peripheral Device Discovery
  • T1071.003 - Mail Protocols

Contagious Interview

Score: 5.05
Matched TTPs:
  • T1120 - Peripheral Device Discovery
  • T1126 - Network Share Connection Removal

Moonstone Sleet

Score: 5.05
Matched TTPs:
  • T1120 - Peripheral Device Discovery
  • T1126 - Network Share Connection Removal

APT28

Score: 6.03
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1588.003 - Code Signing Certificates

Ember Bear

Score: 5.63
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1003.003 - NTDS

Threat Actors Related to This Pulse (Inference-Based)

Kimsuky

Score: 0.78
Matched TTPs:
  • T1126 - Network Share Connection Removal
  • T1120 - Peripheral Device Discovery
  • T1003.003 - NTDS

Volt Typhoon

Score: 0.64
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1686.003 - Windows Host Firewall

Sandworm Team

Score: 0.60
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1120 - Peripheral Device Discovery
  • T1686.003 - Windows Host Firewall

APT28

Score: 0.60
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1588.003 - Code Signing Certificates

APT41

Score: 0.58
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery

APT3

Score: 0.56
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1560.003 - Archive via Custom Method
  • T1120 - Peripheral Device Discovery

Related CVEs

Pulse – Threat Actor Graph

