Attackers deploying new tactics in campaign targeting exposed Docker APIs
June 20, 2024, 1:11 p.m.
Description
Date
Published | Created | Modified |
---|---|---|
June 20, 2024, 12:42 p.m. | June 20, 2024, 12:42 p.m. | June 20, 2024, 1:11 p.m. |
Indicators
Attack Patterns
TA0001
TA0003
T1496
T1041
CVE-2023-22515
CVE-2022-26134