Don't get BITTER about being targeted -- fight back with the help of the community. [Friday, March 01, 2024]


Description:
When enterprise security operations centers receive alerts about obvious true positive detections, they want to quickly understand the severity to determine if it is a critical threat that needs immediate containment. Threat intelligence analysts can provide context about whether the attack is part of a bigger campaign. Although some victim and vendor analysis is still closely held, there has been a clear increase in sharing of threat intelligence within the TLP-white community. Analysts often cannot submit samples to services like VirusTotal due to privacy restrictions, so they cannot take advantage of crowdsourced threat intel. The CARA platform guides analysts through investigative steps without compromising controls. By pivoting on domains, behaviors and code similarities, analysts can connect alerts to related attacks, like BITTER campaigns, to inform response priorities.

Published: 2024-03-01 16:39:13
Created: 2024-03-01 16:39:13
Modified: 2024-03-01 17:01:19

Tags

Indicators

URLs:
Domains:
Malwares:
  • DarkWatchman - S0673
  • Backdoor.Oldrea - S0093
  • Havex
Hashes:
Intrusion set:
  • BITTER
MITRE ATT&CK Techniques:
Other observables:
  • Technology
  • Government

External References


About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
