Secteur Finance

Timeframe: -28 days

Default Categories (81): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Banking Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Data Loss Prevention Software, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Chronologie

Fournisseur

Linux	366
Oracle	80
Not Defined	74
Google	34
IBM	26

Produit

Linux Kernel	366
HDF5	42
Oracle MySQL Server	26
Mozilla Firefox	20
Google Chrome	16

Contre-mesures

Official Fix	684
Temporary Fix	0
Workaround	4
Unavailable	0
Not Defined	156

Exploitabilité

High	2
Functional	0
Proof-of-Concept	16
Unproven	0
Not Defined	826

Vecteur d'accès

Not Defined	0
Physical	4
Local	92
Adjacent	428
Network	320

Authentification

Not Defined	0
High	68
Low	582
None	194

Interaction de l'utilisateur

Not Defined	0
Required	122
None	722

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	24
≤4	102
≤5	180
≤6	320
≤7	96
≤8	102
≤9	20
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	30
≤4	96
≤5	182
≤6	354
≤7	90
≤8	74
≤9	18
≤10	0

VulDB

≤1	0
≤2	0
≤3	32
≤4	112
≤5	184
≤6	294
≤7	108
≤8	104
≤9	10
≤10	0

NVD

≤1	844
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	594
≤2	0
≤3	10
≤4	30
≤5	44
≤6	48
≤7	30
≤8	52
≤9	30
≤10	6

Fournisseur

≤1	844
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	48
<2k	184
<5k	16
<10k	412
<25k	160
<50k	24
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	326
<2k	230
<5k	176
<10k	76
<25k	36
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

IOB - Indicator of Behavior (1000)

Chronologie

Langue

en	650
ja	98
de	68
zh	44
fr	38

De campagne

jp	124
us	114
de	76
fr	68
cn	60

Acteurs

Cobalt Strike	4
Sandworm	3
B1txor20	3
AsyncRAT	2
Grizzly Steppe	2

Activités

Intérêt

Chronologie

Taper

Operating System	74
Web Browser	26
Database Software	20
Router Operating System	18
Smartphone Operating System	16

Fournisseur

Linux	72
Google	32
Not Defined	20
Oracle	12
D-Link	12

Produit

Linux Kernel	72
Google Chrome	18
Google Android	10
GitLab Community Edition	6
GitLab Enterprise Edition	6

Vulnérabilités

#	Vulnérabilité	Base	Temp	0day	Aujourd'hui	Exp	Con	EPSS	CTI	CVE
1	Google Chrome HTML Page buffer overflow	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00043	3.36	CVE-2024-4671
2	Contemporary Control System BASrouter BACnet BASRT-B Application Protocol Data Unit dénie de service	7.5	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Workaround	0.00045	0.85	CVE-2024-4791
3	Microsoft Edge Remote Code Execution	5.9	5.7	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00043	1.62	CVE-2024-30055
4	Red Hat Migration Toolkit for Containers Registry Remote Code Execution	7.9	7.9	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00043	0.97	CVE-2024-3727
5	vercel next.js elévation de privilèges	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00045	0.73	CVE-2024-34351
6	IBM Security Guardium Local Privilege Escalation	7.8	7.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.24	CVE-2023-47712
7	PostgreSQL pg_stats_ext_exprs elévation de privilèges	3.1	3.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00043	0.66	CVE-2024-4317
8	Linux Kernel firewire packet_buffer_get buffer overflow	7.8	7.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00000	0.69+	CVE-2024-27401
9	Linux Kernel aqc111 skb_trim Remote Code Execution	7.3	7.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00000	0.65+	CVE-2023-52655
10	IBM Security Guardium Request elévation de privilèges	8.1	8.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.16	CVE-2023-47709
11	Kingsoft WPS Office File Name directory traversal	4.4	4.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00000	0.53	CVE-2024-35205
12	Google Chrome ANGLE buffer overflow	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00043	0.45	CVE-2024-4558
13	Google Chrome WebAudio buffer overflow	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00043	0.33	CVE-2024-4559
14	IBM Security Guardium elévation de privilèges	2.7	2.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.08	CVE-2023-47711
15	Google Android Health Data elévation de privilèges	5.3	5.1	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00043	0.25	CVE-2024-23706
16	Google Go cmd-go Privilege Escalation	5.5	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.29	CVE-2024-24787
17	GNU C Library iconv buffer overflow	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.25	CVE-2024-2961
18	vercel next.js HTTP Request elévation de privilèges	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00043	0.12	CVE-2024-34350
19	abetlen llama-cpp-python llama.py to_chat_handler Remote Code Execution	7.9	7.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.08	CVE-2024-34359
20	IBM QRadar SIEM divulgation de l'information	4.7	4.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.24	CVE-2024-27269

IOC - Indicator of Compromise (30)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

ID	IP range	Acteur	Taper	Confiance
1	2.57.122.0/24	Mirai	predictive	Élevé
2	23.137.253.0/24	FAKEUPDATES	predictive	Élevé
3	23.154.177.0/24	B1txor20	predictive	Élevé
4	XX.XXX.XX.X/XX	Xxxxxx Xxxxxx	predictive	Élevé
5	XX.XX.XXX.X/XX	Xxxxxxx Xxxxx	predictive	Élevé
6	XX.XXX.XXX.X/XX	Xxxxx	predictive	Élevé
7	XX.XXX.XXX.X/XX	Xxxxxxxxxxx	predictive	Élevé
8	XX.XX.XXX.X/XX	Xxxxxxxxxxxxx	predictive	Élevé
9	XX.XXX.XXX.X/XX	Xxxxxxx	predictive	Élevé
10	XXX.XXX.X.X/XX	Xxxxxxxxx	predictive	Élevé
11	XXX.XXX.XX.X/XX	Xxxxxx Xxxxxx	predictive	Élevé
12	XXX.XXX.XX.X/XX	Xxxxx	predictive	Élevé
13	XXX.XXX.XX.X/XX	Xxxxxxxxx	predictive	Élevé
14	XXX.XXX.XXX.X/XX	Xxxxxxxxx	predictive	Élevé
15	XXX.XXX.XXX.X/XX	Xxxxxx Xxxxxxxxx	predictive	Élevé
16	XXX.XX.XX.X/XX	Xxxxxxx Xxxxxx	predictive	Élevé
17	XXX.XXX.XXX.X/XX	Xxxxxxx Xxxxxx	predictive	Élevé
18	XXX.XXX.XXX.X/XX	Xxxxx	predictive	Élevé
19	XXX.XXX.XXX.X/XX	Xxxxxx	predictive	Élevé
20	XXX.XXX.XX.X/XX	Xxxxxxx Xxxxxx	predictive	Élevé
21	XXX.XXX.XXX.X/XX	Xxxxxx Xxx	predictive	Élevé
22	XXX.XXX.XX.X/XX	Xxxxx	predictive	Élevé
23	XXX.XXX.XXX.X/XX	Xxxx	predictive	Élevé
24	XXX.XXX.XXX.X/XX	Xxxx	predictive	Élevé
25	XXX.XXX.XXX.X/XX	Xxxxxxxxx Xxxxxx	predictive	Élevé
26	XXX.XX.XXX.X/XX	Xxxxxx	predictive	Élevé
27	XXX.XXX.XXX.X/XX	Xxxx	predictive	Élevé
28	XXX.XX.XXX.X/XX	Xxxxxx Xxxxxx	predictive	Élevé
29	XXX.XXX.XXX.X/XX	Xxxxxx Xxxxxx	predictive	Élevé
30	XXX.XXX.XX.X/XX	Xxxxxx	predictive	Élevé

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Classe	Vulnérabilités	Vecteur d'accès	Taper	Confiance
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	Élevé
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Élevé
3	T1059	CAPEC-137	CWE-88, CWE-94	Argument Injection	predictive	Élevé
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	Élevé
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Élevé
6	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	Élevé
7	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Élevé
8	TXXXX	CAPEC-1	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Élevé
9	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Élevé
10	TXXXX	CAPEC-102	CWE-XXX	Xxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Élevé
11	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Élevé
12	TXXXX	CAPEC-37	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Élevé
13	TXXXX	CAPEC-38	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Élevé
14	TXXXX.XXX	CAPEC-	CWE-XXX	Xxxxxxxx Xxxxxx Xxxx	predictive	Élevé
15	TXXXX.XXX	CAPEC-142	CWE-XXX	Xxxxxxxx Xx Xxx Xxxxxxx Xx X Xxxxxxxx Xxxxxxxx	predictive	Élevé
16	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Élevé
17	TXXXX	CAPEC-464	CWE-XXX	Xxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx Xxxxx	predictive	Élevé
18	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Élevé
19	TXXXX	CAPEC-20	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Élevé
20	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Élevé

IOA - Indicator of Attack (129)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Taper	Confiance
1	File	/API/info	predictive	Moyen
2	File	/bin/boa	predictive	Moyen
3	File	/CMD0/xml_modes.xml	predictive	Élevé
4	File	/doctor/view-appointment-detail.php	predictive	Élevé
5	File	/drivers/tty/serial/serial_core.c	predictive	Élevé
6	File	/htdocs/webinc/js/bsc_sms_inbox.php	predictive	Élevé
7	File	/index.php	predictive	Moyen
8	File	/proc/scsi/${proc_name}	predictive	Élevé
9	File	/SchoolERP/office_admin/	predictive	Élevé
10	File	/schoolerp/office_admin/	predictive	Élevé
11	File	/sys/bus/i2c/devices/i2c-2/new_device	predictive	Élevé
12	File	/u/:username/activity/reactions	predictive	Élevé
13	File	/webeditor/	predictive	Moyen
14	File	ActivityManagerService.java	predictive	Élevé
15	File	admin-manage-user.php	predictive	Élevé
16	File	appointment-bwdates-reports-details.php	predictive	Élevé
17	File	AppOpsService.java	predictive	Élevé
18	File	xxx_xxx_xxxxx.xxx	predictive	Élevé
19	File	xxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	Élevé
20	File	xxxxxx/xxxxxx_xxxxxx.x	predictive	Élevé
21	File	xx_xxx.x	predictive	Moyen
22	File	xxxxxxx/xxxxxx/xxxxxxx/xxxxxx_xxxx.x	predictive	Élevé
23	File	xxxxxxx/xxx/xxxx/xxx.x	predictive	Élevé
24	File	xxxxxxx/xxxx/xxxx_xxxx.x	predictive	Élevé
25	File	xxxxxxx/xxxxx/xxx-xxxxxxxxx/xxxxxxx.x	predictive	Élevé
26	File	xxxxxxx/xxx/xxxxxxxx/xxx/xx.x	predictive	Élevé
27	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxx.x	predictive	Élevé
28	File	xxxxxxx/xxx/xxxxxx/xxxx/xxxx_xxxx.x	predictive	Élevé
29	File	xxxxxxx/xxx/xxxx/xxxxx.x	predictive	Élevé
30	File	xxxxxxx/xxx/xxxx/xxx.x	predictive	Élevé
31	File	xxxxxxxxx.xxx	predictive	Élevé
32	File	xx/xxxxxx.x	predictive	Moyen
33	File	xx/xxxx/xxxxxxx.x	predictive	Élevé
34	File	xx/xxxxx/xxxx.x	predictive	Élevé
35	File	xx/xxxxxx/xxx.x	predictive	Élevé
36	File	xxxxxxx.xx	predictive	Moyen
37	File	xxxxxx.xxx	predictive	Moyen
38	File	xxxxxx/xxxxxxx	predictive	Élevé
39	File	xxxxxx.x	predictive	Moyen
40	File	xxxxxxxxxxx.x	predictive	Élevé
41	File	xxxxxx.x	predictive	Moyen
42	File	xxxxxx.x	predictive	Moyen
43	File	xxxx.x	predictive	Faible
44	File	xxxx.x	predictive	Faible
45	File	xxxxxxxxx.x	predictive	Moyen
46	File	xxxx.x	predictive	Faible
47	File	xxxxxxxx.x	predictive	Moyen
48	File	xxxxxxxxx.x	predictive	Moyen
49	File	xxxxxxxx.x	predictive	Moyen
50	File	xxxxxxxx.x	predictive	Moyen
51	File	xxx.x	predictive	Faible
52	File	xxxxxxx.x	predictive	Moyen
53	File	xxxxxxxxx.x	predictive	Moyen
54	File	xxxxxx.x	predictive	Moyen
55	File	xxxx.x	predictive	Faible
56	File	xxxxxxx.x	predictive	Moyen
57	File	xx/xxxxxx/xxxxxx-xxx.x	predictive	Élevé
58	File	xxxxxxx/xxxxx/xxxxxxxxxxxx.x	predictive	Élevé
59	File	xxxxxxx/xxxxx/xxxx.x	predictive	Élevé
60	File	xxxx/xxxx.x	predictive	Moyen
61	File	xxxxxxxxxxxxxxxxxxxx.xxxx	predictive	Élevé
62	File	xxxxxx/xxx/xxxxxx.x	predictive	Élevé
63	File	xxxxxx/xxxx_xxxxx.x	predictive	Élevé
64	File	xxxxxxxxxxxxx.xxx	predictive	Élevé
65	File	xxxxx.xx	predictive	Moyen
66	File	xxxxx.xxx	predictive	Moyen
67	File	xx/xxxx.x	predictive	Moyen
68	File	xx/xxxxxxxx.x	predictive	Élevé
69	File	xxxxxx/xxxxxxxxxxx.xx	predictive	Élevé
70	File	xxxxxxx/xxxxx/xxxxxx/xxxxxx.xxx	predictive	Élevé
71	File	xxx-xxx	predictive	Faible
72	File	xxx/xxxxxx/xx_xxxxxxxxx_xxxxx.x	predictive	Élevé
73	File	xxx/xxxx/xxx.x	predictive	Élevé
74	File	xxx/xxxx/xxxx.x	predictive	Élevé
75	File	xxx/xxxxxxxxx/xx_xxxxxx_xxx.x	predictive	Élevé
76	File	xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	Élevé
77	File	xxx.xx	predictive	Faible
78	File	xxxx.x	predictive	Faible
79	File	xxxx.xxx	predictive	Moyen
80	File	xxx/xxxxxx.x	predictive	Moyen
81	File	xxx.x	predictive	Faible
82	File	xxxxxxxxxxxx.xxxx	predictive	Élevé
83	File	xxxxx_xxxx.x	predictive	Moyen
84	File	xxxxxxx_xxxx_xxxxx.xxx	predictive	Élevé
85	File	xxxx-xxxxxxx.xxx	predictive	Élevé
86	File	xxxxxx-xxxxx.xxx	predictive	Élevé
87	File	xxxxxx_xxxxxxxx.xxx	predictive	Élevé
88	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	Élevé
89	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	Élevé
90	File	xxxx.xxx	predictive	Moyen
91	Library	/xxx/xxxxxx.xxx	predictive	Élevé
92	Library	xxxxx-xx.xx	predictive	Moyen
93	Library	xxxxxxx/xxx/xxxx_xxx.x	predictive	Élevé
94	Library	xxx/xxxxxxxxxxxx.x	predictive	Élevé
95	Library	xxx/xxxx_xxxxx.x	predictive	Élevé
96	Library	xxx/xxxx_xxxxx.x	predictive	Élevé
97	Library	xxx/xxxxxx.x	predictive	Moyen
98	Library	xxx/xxxxxxxx.x	predictive	Élevé
99	Library	xxx/xxx_xxxxxxx.x	predictive	Élevé
100	Library	xxx/xxxxxxxx.x	predictive	Élevé
101	Library	xxxxxxxxxxxx.xxx	predictive	Élevé
102	Library	xxxxx/xxx/xxxxxxx_xxx.x	predictive	Élevé
103	Library	xxxx-xxxxxx.xxx	predictive	Élevé
104	Argument	xxxxxxx-xxxxxx	predictive	Élevé
105	Argument	xxxxxxx	predictive	Faible
106	Argument	xxx	predictive	Faible
107	Argument	xxxxxx	predictive	Faible
108	Argument	xxxxxxx	predictive	Faible
109	Argument	xx_xxxxxxx/xx_xxxx_xxxx/xx_xxxx_xxx/xx_xxxxxxx/xx_xxxxxx_xxxxxx/xxx/xxx	predictive	Élevé
110	Argument	xxxxxxxx/xxxxxx	predictive	Élevé
111	Argument	xxx_xxxx/xx_xxx_xxxx	predictive	Élevé
112	Argument	xxxxxx_xx/xxxxxxxx/xxxxxxx_xx/xx_xxxxxxxxx/xx_xxxxx	predictive	Élevé
113	Argument	xx	predictive	Faible
114	Argument	xx/xxx/xxxxx	predictive	Moyen
115	Argument	xxxxx	predictive	Faible
116	Argument	xxx_xxxxxxx	predictive	Moyen
117	Argument	xxxxxxx_xxxxx_xxxxxx	predictive	Élevé
118	Argument	xxxxx	predictive	Faible
119	Argument	xxxxxxx	predictive	Faible
120	Argument	xxxxx	predictive	Faible
121	Argument	xxxx_xx	predictive	Faible
122	Argument	xxxxxxxxx	predictive	Moyen
123	Argument	xxxxxxxx	predictive	Moyen
124	Argument	xx_xxxxx	predictive	Moyen
125	Argument	xxxxxxxx/xxxxxxxx	predictive	Élevé
126	Argument	xxxx_xxxxxx	predictive	Moyen
127	Argument	xxxxxxx	predictive	Faible
128	Argument	xxx_xx_xxx_xxxx	predictive	Élevé
129	Input Value	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx	predictive	Élevé

◂ PrécédentAperçuSuivant ▸

Do you need the next level of professionalism?

Upgrade your account now!