← Back to Pulse Feed
PULSE DETAIL
A China-aligned threat group tracked as SHADOW-EARTH-053 is conducting cyber espionage by exploiting vulnerabilities in internet-facing Microsoft Exchange and IIS servers.
Indicators of Compromise (7)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-SHA256 | 4264cfb3980a068ab36d842c7ee0942f40aaf308f31ed48b41e140e59885f5c8 | — | 2026-05-02 | |
| IPv4 | 141.164.46.77 | CC=KR ASN=AS20473 the constant company llc | 2026-05-02 | |
| IPv4 | 194.38.11.3 | CC=RU ASN=AS202984 chernyshov aleksandr aleksandrovich | 2026-05-02 | |
| IPv4 | 209.141.40.254 | CC=US ASN=AS53667 frantech solutions | 2026-05-02 | |
| IPv4 | 96.9.125.227 | CC=CA ASN=AS30295 smartt inc. | 2026-05-02 | |
| domain | zimbra-beta.info | — | 2026-05-02 | |
| hostname | check.office365-update.com | — | 2026-05-02 |