Novidade 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

タイムライン

言語

en110
zh104
ru92
fr88
de86

国・地域

ru92
fr88
de86
es78
it78

アクター

Novidade1

アクティビティ

関心

タイムライン

タイプ

Not Defined80
WordPress Plugin30
Content Management System6
Web Browser4
Web Server4

ベンダー

Not Defined36
Tenda24
SourceCodester6
Apache6
Microsoft4

製品

MailCleaner10
Tenda TX96
Tenda W15E6
Tenda i214
Tenda 4G3004

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1Apryse WebViewer PDF Document クロスサイトスクリプティング3.53.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000450.07CVE-2024-4327
2MailCleaner Email 特権昇格9.89.5$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000460.07CVE-2024-3191
3osCommerce all-products クロスサイトスクリプティング4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000650.04CVE-2024-4348
4MailCleaner Admin Interface クロスサイトスクリプティング5.85.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000450.07CVE-2024-3192
5SourceCodester Pisay Online E-Learning System controller.php 特権昇格7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.21CVE-2024-4349
6MailCleaner Admin Endpoints 特権昇格8.88.5$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000460.00CVE-2024-3193
7BloomPixel Max Addons Pro for Bricks Plugin 特権昇格6.56.4$0-$5k$0-$5kNot DefinedNot Defined0.000430.08CVE-2024-32951
8Extend Themes Teluro Plugin 未知の脆弱性4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-33688
9Apache HTTP Server mod_lua Multipart Parser r:parsebody メモリ破損8.58.4$25k-$100k$0-$5kNot DefinedOfficial Fix0.088080.03CVE-2021-44790
10Elementor ImageBox Plugin クロスサイトスクリプティング3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.000450.08CVE-2024-3074
11Dell Wyse Proprietary OS Telemetry Dashboard 情報の漏洩4.74.7$0-$5k$0-$5kNot DefinedNot Defined0.000430.04CVE-2024-28963
12Apache Parquet Parquet-MR サービス拒否3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000860.00CVE-2021-41561
13Foliovision FV Flowplayer Video Player Plugin 特権昇格5.65.5$0-$5k$0-$5kNot DefinedNot Defined0.000430.04CVE-2024-32955
14Dell Repository Manager API Module 特権昇格8.38.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.04CVE-2024-28976
15Jegstudio Financio Plugin 未知の脆弱性4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000430.03CVE-2024-33690
16Pavex Embed Google Photos Album Plugin 特権昇格5.65.5$0-$5k$0-$5kNot DefinedNot Defined0.000430.07CVE-2024-32775
17ThemeNcode Fan Page Widget by Plugin クロスサイトスクリプティング4.14.1$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-33695
18AnnounceKit Plugin クロスサイトスクリプティング2.42.4$0-$5k$0-$5kNot DefinedNot Defined0.000450.04CVE-2024-3023
19Repute Infosystems ARMember Plugin 特権昇格7.87.7$0-$5k$0-$5kNot DefinedNot Defined0.000430.07CVE-2024-32948
20Dell Repository Manager Logger Module 特権昇格3.33.3$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-28977

IOC - Indicator of Compromise (30)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
110.0.0.1Novidade2018年12月11日verified
210.0.0.2Novidade2018年12月11日verified
310.0.0.3Novidade2018年12月11日verified
410.0.0.138Novidade2018年12月11日verified
510.1.1.1Novidade2018年12月11日verified
623.94.149.24223-94-149-242-host.colocrossing.comNovidade2018年12月11日verified
7XX.XX.XXX.XXXxxxxxxxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
8XX.XX.XX.XXxx-xx-xx-xx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
9XX.XX.XX.XXXxxx-xx-xx-xx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
10XX.XXX.XX.XXXXxxxxxxx2018年12月11日verified
11XXX.XXX.XXX.XXXxxxxxxxx.xxx.xxXxxxxxxx2018年12月11日verified
12XXX.XXX.XXX.XXXxxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
13XXX.XXX.XX.XXXxxxxx.xx-xxx-xxx-xx.xxxXxxxxxxx2018年12月11日verified
14XXX.XXX.XX.XXXxxx-xxx-xx-xxx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
15XXX.XXX.XX.XX.Xxxxxxxx2018年12月11日verified
16XXX.X.X.XXXxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
17XXX.X.XXX.XXXxxxxxxx.xxxXxxxxxxx2018年12月11日verified
18XXX.X.XXX.XXXxxx-x-xxx-xxx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
19XXX.XXX.X.XXxxxxxxx2018年12月11日verified
20XXX.XXX.X.XXxxxxxxx2018年12月11日verified
21XXX.XXX.X.XXxxxxxxx2018年12月11日verified
22XXX.XXX.X.XXXXxxxxxxx2018年12月11日verified
23XXX.XXX.X.XXxxxxxxx2018年12月11日verified
24XXX.XXX.X.XXXXxxxxxxx2018年12月11日verified
25XXX.XXX.XX.XXxxxxxxx2018年12月11日verified
26XXX.XXX.XX.XXxxxxxxx2018年12月11日verified
27XXX.XXX.XXX.XXxxxxxxx2018年12月11日verified
28XXX.XXX.XXX.XXXXxxxxxxx2018年12月11日verified
29XXX.XX.XXX.XXxxx-xx-xxx-xx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified
30XXX.XX.XXX.XXXxxxxxxxxxx.xxxXxxxxxxx2018年12月11日verified

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1006CAPEC-126CWE-22Path Traversalpredictive
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath Expressionspredictive
3T1059CAPEC-242CWE-94Argument Injectionpredictive
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site Scriptingpredictive
5TXXXXCAPEC-122CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
6TXXXX.XXXCAPEC-16CWE-XXXXxxx-xxxxx Xxxxxxxxxxxpredictive
7TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
8TXXXX.XXXCAPEC-178CWE-XXXXxxx Xxxxxxxxpredictive
9TXXXXCAPEC-CWE-XXXXxxxxxxxxx Xxxxxxpredictive
10TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictive
11TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictive
12TXXXXCAPEC-102CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
13TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxpredictive
14TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
15TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
16TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (74)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/catalog/all-productspredictive
2File/changePasswordpredictive
3File/forum/away.phppredictive
4File/goform/addIpMacBindpredictive
5File/goform/DelDhcpRulepredictive
6File/goform/delIpMacBindpredictive
7File/goform/DelPortMappingpredictive
8File/goform/modifyDhcpRulepredictive
9File/goform/modifyIpMacBindpredictive
10File/xxxxxx/xxxxxxxxxxxxpredictive
11File/xxxxxx/xxxxxxxxxxpredictive
12File/xxxxxx/xxxxxxxxxpredictive
13File/xxxxxx/xxxxxxxxxxxxxxxxpredictive
14File/xxxxxx/xxxxxxxxxxxxxxpredictive
15File/xxxxxx/xxxxxxxxxxxxxxpredictive
16File/xxxxxx/xxxxxxxxxxxxxpredictive
17File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictive
18File/xxxxxx/xxxxxxxxxxxpredictive
19File/xxxxxx/xxxxxxxxxx.xxxpredictive
20File/xxxxxxxxxxx.xxx/xxxxxxxxpredictive
21File/xxxxxx_xx.xxxpredictive
22File/xxxxxxxxx.xxxpredictive
23File/xxxxxxxx.xxxpredictive
24File/xxx/xxxxxxx/xxxpredictive
25File/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxxpredictive
26File/xxxx/xxxxxx_xxx.xxxpredictive
27Filexxxxx/xxxxxxx/xxxxxxxxxxxxx.xxpredictive
28Filexxxxxxxxxxxx.xxxpredictive
29Filexxxxxxxxxxxxxxxxxxx.xxxpredictive
30Filexxxxxxx/xxxxxxxx.xxxpredictive
31Filexx/xxxxxx/xxxxxxxxxxpredictive
32Filexxxxx/xxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxpredictive
33Filexxxxx.xxxpredictive
34Filexxxxxxxx.xxxpredictive
35Filexxx.xxpredictive
36Filexxxxxxxx.xxxpredictive
37Filexxxxxxxx.xxxpredictive
38Filexxxxxxxxxxxxxxx.xxxpredictive
39Filexxxx-xxxxxxxx.xxxpredictive
40Argumentxxxxx_xxxxxpredictive
41Argumentxxxxxxxxxxxxxpredictive
42Argumentxxxpredictive
43Argumentxxxxxxxxxpredictive
44Argumentxxxxxxxxxxxxpredictive
45Argumentxxxxxxxxxxpredictive
46Argumentxxxxxxxpredictive
47Argumentxxxxpredictive
48Argumentxxxxxxxxxxxxxxxxxxxxxxpredictive
49Argumentxx/xxxxpredictive
50Argumentxxxxxxxpredictive
51Argumentxxpredictive
52Argumentxxpredictive
53Argumentxxxxxxxxxxxxxxpredictive
54Argumentxxxxxxxxxxxxxpredictive
55Argumentxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictive
56Argumentxxxxpredictive
57Argumentxxxxxxxxxxpredictive
58Argumentxxxxxxxxxxxxpredictive
59Argumentxx_xxxxxx_xxxxxxxxxxxxpredictive
60Argumentxx_xxxxxpredictive
61Argumentxxxxpredictive
62Argumentxxxx/xxxxxx/xxxxxxxpredictive
63Argumentxxxxxxxxxxxxxxxxpredictive
64Argumentxxxxxxx_xxxxxxx_xxxxx_xxxxx_xxxxxpredictive
65Argumentxxxxxxpredictive
66Argumentxxxxxxxxpredictive
67Argumentxxxxxxxxxxxxxxxxxxpredictive
68Argumentxxxxxxxxxxpredictive
69Argumentxxxxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxpredictive
70Argumentxxxxxxxxxpredictive
71Argumentxxxxxxxxxxxxxxxxpredictive
72Argumentxxxxpredictive
73Argumentxxxxxxxxxxpredictive
74Argumentxxxx/xxxxx/xxx/xxxx/xxxxxx/xxxxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

概要

Do you know our Splunk app?

Download it now for free!