Sector: Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 348
Microsoft Windows: 88
Juniper Junos OS: 32
Microsoft SQL Server: 28
Google Android: 22

Remediation

Official Fix: 768
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 124

Exploitability

High: 2
Functional: 2
Proof-of-Concept: 28
Unproven: 120
Not Defined: 744

Access Vector

Not Defined: 0
Physical: 8
Local: 136
Adjacent: 398
Network: 354

Authentication

Not Defined: 0
High: 90
Low: 564
None: 242

User Interaction

Not Defined: 0
Required: 158
None: 738

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 28
≤4: 86
≤5: 224
≤6: 272
≤7: 110
≤8: 118
≤9: 52
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 30
≤4: 94
≤5: 220
≤6: 338
≤7: 92
≤8: 104
≤9: 12
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 32
≤4: 104
≤5: 214
≤6: 256
≤7: 116
≤8: 126
≤9: 40
≤10: 6

NVD

≤1: 896
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 662
≤2: 2
≤3: 12
≤4: 8
≤5: 36
≤6: 64
≤7: 24
≤8: 54
≤9: 26
≤10: 8

Vendor

≤1: 768
≤2: 0
≤3: 0
≤4: 0
≤5: 6
≤6: 8
≤7: 34
≤8: 42
≤9: 38
≤10: 0

Exploit 0-day

<1k: 28
<2k: 156
<5k: 24
<10k: 420
<25k: 138
<50k: 114
<100k: 16
≥100k: 0

Exploit Today

<1k: 284
<2k: 216
<5k: 200
<10k: 112
<25k: 78
<50k: 6
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 628
ja: 122
es: 54
de: 50
fr: 48

Country

us: 188
jp: 174
fr: 66
es: 46
ru: 44

Product

Linux Kernel: 32
Google Chrome: 12
Microsoft Windows: 12
cym1102 nginxWebUI: 8
GitLab Community Edition: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0-day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Google Chrome ANGLE privilege escalation | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 7.13 | CVE-2024-4058 |
| 2 | Cisco ASA/Firepower Threat Defense Web Server Denial of Service | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 3.76 | CVE-2024-20353 |
| 3 | Ruby Regex Search buffer overflow | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 4.10 | CVE-2024-27282 |
| 4 | Cisco ASA/Firepower Threat Defense privilege escalation | 6.7 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 2.65 | CVE-2024-20358 |
| 5 | GNU C Library iconv buffer overflow | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 2.31 | CVE-2024-2961 |
| 6 | Cisco ASA/Firepower Threat Defense Legacy Capability privilege escalation | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 2.36 | CVE-2024-20359 |
| 7 | PHP proc_open privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.40 | CVE-2024-1874 |
| 8 | GitLab Community Edition/Enterprise Edition Bitbucket Credentials weak authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.35 | CVE-2024-4024 |
| 9 | Google Chrome Dawn buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 1.45 | CVE-2024-4060 |
| 10 | PuTTY ECDSA Nonce Generation Information Disclosure | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.92 | CVE-2024-31497 |
| 11 | GitLab Community Edition/Enterprise Edition Directory Traversal | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.77 | CVE-2024-2434 |
| 12 | PowerDNS Recursor Response Denial of Service | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.63 | CVE-2024-25583 |
| 13 | Apple iOS/iPadOS Website privilege escalation | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00045 | 0.77 | CVE-2024-23271 |
| 14 | GitLab Community Edition/Enterprise Edition Email Address privilege escalation | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.48 | CVE-2024-1347 |
| 15 | Eli Scheetz Anti-Malware Security and Brute-Force Firewall Plugin privilege escalation | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.53 | CVE-2024-22144 |
| 16 | Xiamen Four-Faith RMP Router Management Platform SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.54 | CVE-2024-3688 |
| 17 | GitLab Community Edition/Enterprise Edition GraphQL Subscription privilege escalation | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.53 | CVE-2024-4006 |
| 18 | Google Chrome V8 API Information Disclosure | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.72 | CVE-2024-4059 |
| 19 | GNU C Library Netgroup Cache buffer overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.43 | CVE-2024-33599 |
| 20 | Hyperion Web Server URL Cross Site Scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.49 | CVE-2024-4174 |

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 1.34.135.0/24 | Mirai | predictive | High |
| 2 | 3.71.181.0/24 | Sliver | predictive | High |

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Classification | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-25, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (124)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /adminPage/conf/reload | predictive | High |
| 2 | File | /adminPage/conf/saveCmd | predictive | High |
| 3 | File | /adminPage/main/upload | predictive | High |
| 4 | File | /adminPage/www/addOver | predictive | High |
| 5 | File | /CMD0/xml_modes.xml | predictive | High |
| 6 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive | High |
| 7 | File | /etc/passwd | predictive | Medium |
| 8 | File | /login | predictive | Low |
| 9 | File | /Public/webuploader/0.1.5/server/fileupload.php | predictive | High |
| 10 | File | /Public/webuploader/0.1.5/server/fileupload2.php | predictive | High |
| 11 | File | /sys/kernel/notes | predictive | High |
| 12 | File | /u/:username/activity/reactions | predictive | High |
| 13 | File | /webeditor/ | predictive | Medium |
| 14 | File | activate_jet_details_form_handler.php | predictive | High |
| 15 | File | add-vehicle.php | predictive | High |
| 16 | File | admin-manage-user.php | predictive | High |
| 17 | File | admin-password-change.php | predictive | High |
