{"html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fincidents.hatenablog.com%2Fentry%2F2024%2F12%2F05%2F000000_3\" title=\"U.S. org suffered four month intrusion by Chinese hackers - TT Incidents Log\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","title":"U.S. org suffered four month intrusion by Chinese hackers","categories":["Attack technique: Kerberoasting","Country: China","**Unauthorized Access / Cyber Attack / Cyber Attack","Threat group: Crimson Palace (China)","Threat group: Evasive Panda / Daggerfly (China)"],"author_url":"https://blog.hatena.ne.jp/tanigawa/","author_name":"tanigawa","url":"https://incidents.hatenablog.com/entry/2024/12/05/000000_3","blog_url":"https://incidents.hatenablog.com/","image_url":null,"description":"[Translation] U.S. organization suffers a four-month intrusion by Chinese hackers [Summary] 
From April to August 2024, a large U.S. organization was breached by China-based hackers in an attack aimed at exfiltrating email and data. The attack targeted Exchange servers and multiple machines, and persistence was established using techniques such as \"Kerberoasting\", PowerShell and PsExec. FileZilla and Impacket were used, and data was extracted. The goal is believed to be systematic intelligence gathering, and links to the Chinese threat groups \"Daggerfly\" and \"Crimson Palace\" have been suggested. [News] \u25c6U.S. org s\u2026","width":"100%","version":"1.0","published":"2024-12-05 00:00:00","type":"rich","provider_name":"Hatena Blog","height":"190","provider_url":"https://hatena.blog","blog_title":"TT Incidents Log"}