216.73.217.22

UNC6240

· Published 15/06/2026 21:16 · Modified 15/06/2026 21:16 · Source: AlienVault

Essential information

Confidence
100/100
Published
15/06/2026 21:16
Modified
15/06/2026 21:16
Updated at
15/06/2026 21:16
Revoked
No
Author / Source
AlienVault
Resource level
Primary motivation
Related entities
1 reports, 20 attack patterns (mitre), 1 malware, 1 sectors, 1 countries, 8 indicators, 1 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (1)

Attack patterns (MITRE) (20)

  • T1027 uses
    Obfuscated Files or Information
  • T1505.003 uses
    Web Shell
  • T1133 uses
    External Remote Services
  • T1552.001 uses
    Credentials In Files
  • T1069 uses
    Permission Groups Discovery
  • T1078 uses
    Valid Accounts
  • T1190 uses
    Exploit Public-Facing Application
  • T1491 uses
    Defacement
  • T1021.004 uses
    SSH
  • T1083 uses
    File and Directory Discovery
  • T1041 uses
    Exfiltration Over C2 Channel
  • T1059.004 uses
    Unix Shell
  • T1110.001 uses
    Password Guessing
  • T1114 uses
    Email Collection
  • T1036.005 uses
    Match Legitimate Resource Name or Location
  • T1018 uses
    Remote System Discovery
  • T1573.002 uses
    Asymmetric Cryptography
  • T1486 uses
    Data Encrypted for Impact
  • T1071.001 uses
    Web Protocols
  • T1560.001 uses
    Archive via Utility

Malware (1)

  • MeshCentral uses
    Family
    Published 11/06/2026 21:09 · Modified 11/06/2026 21:09

Sectors (1)

  • Education targets

Countries (1)

  • United States of America targets

Indicators (8)

Vulnerabilities (CVE) (1)

CVE-2026-35273 KEV
9.8 Critical

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and …

Attack vector
NETWORK
Complexity
LOW
Published
11/06/2026
Modified
12/06/2026