Multiple Chinese APT Groups Quickly Use Flash Zero-Day
Summary
The FireEye as a Service team detected independent phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups that we track, APT3 and APT18. Each threat group quickly took advantage of a zero-day vulnerability (CVE-2015-5119), which was leaked in the disclosure of Hacking Team’s internal data. Adobe released a patch for the vulnerability on July 8, 2015. Before that patch was released, the groups launched phishing campaigns against multiple companies in the aerospace and defense, construction and engineering, education, energy, health and biotechnology, high tech, non-profit, telecommunications, and transportation industries.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 8.26
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1003.003 - NTDS
Link to MITRE →
Score: 16.38
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1606.002 - SAML Tokens
- T1686.003 - Windows Host Firewall
- T1566.002 - Spearphishing Link
- T1193 - Spearphishing Attachment
Link to MITRE →
Score: 20.71
Matched TTPs:
- T1606.002 - SAML Tokens
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1197 - BITS Jobs
- T1003.003 - NTDS
- T1008 - Fallback Channels
Link to MITRE →
Score: 5.02
Matched TTPs:
- T1606.002 - SAML Tokens
- T1569.002 - Service Execution
Link to MITRE →
Score: 11.28
Matched TTPs:
- T1606.002 - SAML Tokens
- T1566.002 - Spearphishing Link
- T1057 - Process Discovery
- T1197 - BITS Jobs
Link to MITRE →
Score: 16.51
Matched TTPs:
- T1606.002 - SAML Tokens
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1055.015 - ListPlanting
- T1569.002 - Service Execution
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 14.83
Matched TTPs:
- T1606.002 - SAML Tokens
- T1021.006 - Windows Remote Management
- T1218.008 - Odbcconf
- T1608.005 - Link Target
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 14.58
Matched TTPs:
- T1606.002 - SAML Tokens
- T1212 - Exploitation for Credential Access
- T1059.004 - Unix Shell
- T1055.015 - ListPlanting
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 12.82
Matched TTPs:
- T1606.002 - SAML Tokens
- T1021.006 - Windows Remote Management
- T1059.004 - Unix Shell
- T1055.015 - ListPlanting
Link to MITRE →
Score: 4.84
Matched TTPs:
- T1606.002 - SAML Tokens
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 4.11
Matched TTPs:
- T1606.002 - SAML Tokens
- T1608.005 - Link Target
Link to MITRE →
Score: 13.34
Matched TTPs:
- T1606.002 - SAML Tokens
- T1608.005 - Link Target
- T1212 - Exploitation for Credential Access
- T1059.004 - Unix Shell
- T1569.002 - Service Execution
Link to MITRE →
Score: 9.31
Matched TTPs:
- T1606.002 - SAML Tokens
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 14.96
Matched TTPs:
- T1606.002 - SAML Tokens
- T1608.005 - Link Target
- T1564.002 - Hidden Users
- T1057 - Process Discovery
- T1055.015 - ListPlanting
Link to MITRE →
Score: 13.21
Matched TTPs:
- T1686.003 - Windows Host Firewall
- T1057 - Process Discovery
- T1212 - Exploitation for Credential Access
- T1569.002 - Service Execution
Link to MITRE →
Score: 3.84
Matched TTPs:
- T1686.003 - Windows Host Firewall
Link to MITRE →
Score: 10.44
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1197 - BITS Jobs
- T1027.002 - Software Packing
Link to MITRE →
Score: 7.91
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
- T1197 - BITS Jobs
Link to MITRE →
Score: 7.22
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 4.47
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
Link to MITRE →
Score: 15.33
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1608.005 - Link Target
- T1057 - Process Discovery
- T1197 - BITS Jobs
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 6.30
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1193 - Spearphishing Attachment
Link to MITRE →
Score: 8.90
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1059.004 - Unix Shell
- T1008 - Fallback Channels
Link to MITRE →
Score: 7.69
Matched TTPs:
- T1193 - Spearphishing Attachment
- T1218.008 - Odbcconf
Link to MITRE →
Score: 5.86
Matched TTPs:
- T1218.008 - Odbcconf
- T1608.005 - Link Target
Link to MITRE →
Score: 6.88
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 6.88
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Link to MITRE →
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Link to MITRE →
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Link to MITRE →
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Link to MITRE →
Score: 6.72
Matched TTPs:
- T1055.015 - ListPlanting
- T1008 - Fallback Channels
Link to MITRE →
Score: 7.06
Matched TTPs:
- T1569.002 - Service Execution
- T1566.003 - Spearphishing via Service
Link to MITRE →
Score: 3.29
Matched TTPs:
- T1008 - Fallback Channels
Link to MITRE →
Score: 3.29
Matched TTPs:
- T1008 - Fallback Channels
Link to MITRE →
Score: 3.29
Matched TTPs:
- T1008 - Fallback Channels
Link to MITRE →
Threat actors related to this Pulse (inference-based)
Score: 0.81
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1057 - Process Discovery
- T1008 - Fallback Channels
- T1003.003 - NTDS
- T1197 - BITS Jobs
- T1608.005 - Link Target
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.71
Matched TTPs:
- T1569.002 - Service Execution
- T1057 - Process Discovery
- T1055.015 - ListPlanting
- T1556 - Modify Authentication Process
- T1608.005 - Link Target
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.68
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1564.008 - Email Hiding Rules
- T1193 - Spearphishing Attachment
- T1686.003 - Windows Host Firewall
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.67
Matched TTPs:
- T1566.002 - Spearphishing Link
- T1057 - Process Discovery
- T1566.003 - Spearphishing via Service
- T1197 - BITS Jobs
- T1608.005 - Link Target
Link to MITRE →
Score: 0.66
Matched TTPs:
- T1564.002 - Hidden Users
- T1057 - Process Discovery
- T1055.015 - ListPlanting
- T1608.005 - Link Target
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.63
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1059.004 - Unix Shell
- T1055.015 - ListPlanting
- T1556 - Modify Authentication Process
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.62
Matched TTPs:
- T1021.006 - Windows Remote Management
- T1218.008 - Odbcconf
- T1556 - Modify Authentication Process
- T1608.005 - Link Target
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.60
Matched TTPs:
- T1569.002 - Service Execution
- T1212 - Exploitation for Credential Access
- T1059.004 - Unix Shell
- T1608.005 - Link Target
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.59
Matched TTPs:
- T1021.006 - Windows Remote Management
- T1059.004 - Unix Shell
- T1055.015 - ListPlanting
- T1606.002 - SAML Tokens
Link to MITRE →
Score: 0.59
Matched TTPs:
- T1686.003 - Windows Host Firewall
- T1569.002 - Service Execution
- T1212 - Exploitation for Credential Access
- T1057 - Process Discovery
Link to MITRE →
Related CVEs
Pulse – Threat Actor Graph