Pulse Detail — Threat Intelligence

PULSE NAME

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability | CISA

WHITE CyberHunter_NL 2023-11-21 Modified: 2023-12-21

IOCs

MEDIUM VOLUME

Ransomware is a growing threat to networks, but how do you protect against it and what can you know about the latest threat? Â£2.5m worth of ransomware has been discovered on a Boeing website.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1082 T1539 T1556 T1563 T1531 T1027 T1218 T1547 T1021 T1070 T1548 T1134 T1059

MALWARE FAMILIES

LockBit Bleed Threat

Indicators of Compromise (3 / 29 total)

All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL YARA domain email hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	6e8ca501c45a9b85fff2378cffaa24b2	—	2023-11-21
FileHash-MD5	d7addb5b6f55eab1686410a17b3c867b	MD5 of 498ba0afa5d3b390f852af66bd6e763945bf9b6bff2087015ed8612a18372155	2023-11-21
FileHash-MD5	eb842a9509dece779d138d2e6b0f6949	—	2023-11-21

References (1)

↗ https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a