216.73.216.153

SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea

· Published 30/07/2024 15:39 · Modified 30/07/2024 16:29

Export JSON

Essential information

Published
30/07/2024 15:39
Modified
30/07/2024 16:29
Tags
2024-07-30 CVE-2017-0199 CVE-2017-11882 espionage infrastructure javascript maritime nation-state phishing targeted vulnerability
Related entities
2 vulnerabilities (cve), 47 observables, 1 intrusion sets (apt), 11 techniques (mitre), 7 others

Description

BlackBerry's researchers have uncovered a new campaign by the threat actor SideWinder. The group employs sophisticated techniques, such as utilizing carefully crafted emails with visual lures designed to target specific organizations. The campaign aims to compromise ports and facilities in the Indian Ocean and Mediterranean Sea regions through and intelligence gathering activities. The attack chain involves exploiting vulnerabilities in Microsoft Office and downloading malicious payloads from the group's . SideWinder continuously evolves its tactics, making it an ongoing threat.

External references