IOC Radar
TLP:WHITE · 2 IOCs

How Rogue ISPs Tamper With Geofeeds

DCSO CyTec Blog
Published March 19, 2024 · Original Report

Attack Flow
7 steps · MITRE ATT&CK mapped

Step 1/7: Initial Access (TA0001) · T1190 Exploit Public-Facing Application
Action: Exploit geofeeds
Threat actors leverage geofeeds, potentially by exploiting vulnerabilities in how they are published or consumed, to gain initial access.

Indicators of Compromise

2 indicators:

| Type | Indicator | Tags | Confidence | Score | First Seen |
|------|-----------|------|------------|-------|------------|
| SHA1 | 22722a610a1ecc6548cb0b539aca5c5d77fe9e72 | file-hash, indicator, intel-blog | Medium | 53 | Jun 2, 26 |
| SHA1 | 358614d3c919471d8bba6ce31f9f9583bda3adba | file-hash, indicator, intel-blog | Medium | 53 | Jun 2, 26 |
