
ipconfig

ipconfig is a Windows utility that can be used to find information about a system's TCP/IP, DNS, DHCP, and adapter configuration. (Citation: TechNet Ipconfig)
ID: S0100
Type: TOOL
Platforms: Windows
Version: 1.1
Created: 31 May 2017
Last Modified: 12 Oct 2022

Groups That Use This Software

ID | Name | References
G0093 | GALLIUM | (Citation: Cybereason Soft Cell June 2019)
G0006 | APT1 | (Citation: Mandiant APT1)
G1017 | Volt Typhoon | (Citation: Joint Cybersecurity Advisory Volt Typhoon June 2023)
G0050 | APT32 | (Citation: Cybereason Cobalt Kitty 2017)
G0096 | APT41 | (Citation: Group IB APT 41 June 2021)
G0049 | OilRig | (Citation: Palo Alto OilRig May 2016)
 | | (Citation: Bitdefender FunnyDream Campaign November 2020)
G0059 | Magic Hound | (Citation: DFIR Report APT35 ProxyShell March 2022) (Citation: DFIR Phosphorus November 2021)
G0071 | Orangeworm | (Citation: Symantec Orangeworm April 2018)
G1001 | HEXANE | (Citation: ClearSky Siamesekitten August 2021) (Citation: Zscaler Lyceum DnsSystem June 2022)
G0027 | Threat Group-3390 | (Citation: SecureWorks BRONZE UNION June 2017)
G0016 | APT29 | (Citation: CISA SoreFang July 2016)
G0018 | admin@338 | (Citation: FireEye admin@338)
G0004 | Ke3chang | (Citation: Mandiant Operation Ke3chang November 2014) (Citation: NCC Group APT15 Alive and Strong)

References

  1. Microsoft. (n.d.). Ipconfig. Retrieved April 17, 2016.
  2. Cybereason Nocturnus. (2019, June 25). Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers. Retrieved July 18, 2019.
  3. Mandiant. (n.d.). APT1 Exposing One of China’s Cyber Espionage Units. Retrieved July 18, 2016.
  4. NSA et al. (2023, May 24). People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection. Retrieved July 27, 2023.
  5. Dahan, A. (2017). Operation Cobalt Kitty. Retrieved December 27, 2018.
  6. Rostovcev, N. (2021, June 10). Big airline heist APT41 likely behind a third-party attack on Air India. Retrieved August 26, 2021.
  7. Falcone, R. and Lee, B. (2016, May 26). The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor. Retrieved May 3, 2017.
  8. Vrabie, V. (2020, November). Dissecting a Chinese APT Targeting South Eastern Asian Government Institutions. Retrieved September 19, 2022.
  9. DFIR Report. (2021, November 15). Exchange Exploit Leads to Domain Wide Ransomware. Retrieved January 5, 2023.
  10. DFIR Report. (2022, March 21). APT35 Automates Initial Access Using ProxyShell. Retrieved May 25, 2022.
  11. Symantec Security Response Attack Investigation Team. (2018, April 23). New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia. Retrieved May 8, 2018.
  12. ClearSky Cyber Security. (2021, August). New Iranian Espionage Campaign By “Siamesekitten” - Lyceum. Retrieved June 6, 2022.
  13. Shivtarkar, N. and Kumar, A. (2022, June 9). Lyceum .NET DNS Backdoor. Retrieved June 23, 2022.
  14. Counter Threat Unit Research Team. (2017, June 27). BRONZE UNION Cyberespionage Persists Despite Disclosures. Retrieved July 13, 2017.
  15. CISA. (2020, July 16). MAR-10296782-1.v1 – SOREFANG. Retrieved September 29, 2020.
  16. FireEye Threat Intelligence. (2015, December 1). China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets. Retrieved December 4, 2015.
  17. Villeneuve, N., Bennett, J. T., Moran, N., Haq, T., Scott, M., & Geers, K. (2014). OPERATION “KE3CHANG”: Targeted Attacks Against Ministries of Foreign Affairs. Retrieved November 12, 2014.
  18. Smallridge, R. (2018, March 10). APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS. Retrieved April 4, 2018.
