Diplomatic Orbiter
· Published 21/12/2025 02:13 · Modified 21/12/2025 02:13
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 02:13
- Modified: 21/12/2025 02:13
- Updated at: 21/12/2025 02:13
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 35 attack patterns (mitre), 2 malware, 5 sectors, 1 country, 32 indicators, 2 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (35)
Malware (2)
- GraphicalProton (uses)
- SVR Cyber (uses)
Sectors (5)
- Political parties (targets)
- Government (targets)
- Technology (targets)
- Information Technologies Consulting (targets)
- Diplomacy (targets)
Countries (1)
- United States of America (targets)
Indicators (32)
- research_pe_signed_outside_timestamp · stix · 100/100 · Revoked · Valid until 01/12/2025 · Source: AlienVault
Vulnerabilities (CVE) (2)
- 8.6 · High: Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.
  - Attack vector: Network
  - Published: 15/03/2023
  - Modified: 21/12/2025
- 9.8 · Critical: JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.
  - Attack vector: Network
  - Published: 04/10/2023
  - Modified: 29/05/2026