Anatsa Analysis

IOB - Indicator of Behavior (37)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 28
ru: 4
de: 2
zh: 2
es: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Product

Google Android: 4
Microsoft Exchange Server: 4
Microsoft Skype for Business: 2
Apache OpenOffice: 2
GitHub Enterprise Server: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Telegram Web cross site scripting | 4.8 | 4.7 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00090 | 0.07 | CVE-2022-43363 |
| 2 | Yealink SIP-T38G os command injection | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.10706 | 0.06 | CVE-2013-5758 |
| 3 | HPE iLO 5 Local Privilege Escalation | 7.8 | 7.6 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00065 | 0.00 | CVE-2022-28629 |
| 4 | HPE Integrated Lights-Out 5/Integrated Lights-Out 6 improper authentication | 8.2 | 8.1 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00023 | 0.00 | CVE-2023-50272 |
| 5 | Obsession-Design Image-Gallery display.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00322 | 0.00 | CVE-2010-0979 |
| 6 | Elementor Website Builder Plugin cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00032 | 0.07 | CVE-2024-8236 |
| 7 | Tianwell Fire Intelligent Command Platform API Interface page sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00009 | 0.07 | CVE-2024-3720 |
| 8 | WP Statistics Plugin class-wp-statistics-hits.php sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not defined | Not defined | possible | 0.38989 | 0.08 | CVE-2022-25149 |
| 9 | Adobe Commerce/Magento XML Document xml external entity reference | 9.8 | 9.6 | $5k-$25k | $0-$5k | Attacked | Official fix | verified | 0.94358 | 0.05 | CVE-2024-34102 |
| 10 | Check Point Quantum Gateway/Spark Gateway/CloudGuard Network Remote Access VPN information disclosure | 7.5 | 7.5 | $0-$5k | $0-$5k | Attacked | Not defined | verified | 0.94327 | 0.05 | CVE-2024-24919 |
| 11 | Google Android privilege escalation | 8.4 | 8.3 | $25k-$100k | $5k-$25k | Not defined | Official fix | | 0.00054 | 0.00 | CVE-2021-0877 |
| 12 | Google Android use after free | 5.4 | 5.3 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00011 | 0.00 | CVE-2023-21042 |
| 13 | Microsoft Windows Online Certificate Status Protocol SnapIn Remote Code Execution | 8.1 | 7.4 | $25k-$100k | $5k-$25k | Unproven | Official fix | | 0.00474 | 0.00 | CVE-2023-35313 |
| 14 | Google Chrome V8 out-of-bounds write | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not defined | Official fix | possible | 0.58012 | 0.00 | CVE-2024-0517 |
| 15 | GitHub Enterprise Server API information disclosure | 3.9 | 3.8 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00051 | 0.00 | CVE-2022-46257 |
| 16 | Pallets Werkzeug Debugger tbtools.py render_full cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00117 | 0.00 | CVE-2016-10516 |
| 17 | Zyxel ATP/USG FLEX/VPN CGI Program exposure of private personal information to an unauthorized actor | 5.4 | 5.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00208 | 0.00 | CVE-2023-22918 |
| 18 | Apache OpenOffice Calc command injection | 7.3 | 6.4 | $5k-$25k | $0-$5k | Unproven | Official fix | | 0.09530 | 0.08 | CVE-2014-3524 |
| 19 | Microsoft Windows Kerberos Remote Code Execution | 8.1 | 7.4 | $25k-$100k | $5k-$25k | Unproven | Official fix | | 0.03226 | 0.00 | CVE-2023-28244 |
| 20 | OpenVPN Access Server Authentication Token unusual condition | 4.3 | 4.3 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.01967 | 0.00 | CVE-2020-36382 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /mfsNotice/page | predictive | High |
| 2 | File | Calc | predictive | Low |
| 3 | File | xxxxx/xxxxxxx.xx | predictive | High |
| 4 | File | xxxxxxx.xxx | predictive | Medium |
| 5 | File | xxxxxxxxxx\xxxxxxxxxxxx\xxxxxxxxxxxxxxxx.xxx | predictive | High |
| 6 | File | xxx/xxxxxx/xxxxxxxxxxxxx.xxx | predictive | High |
| 7 | File | ~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxx.xxx | predictive | High |
| 8 | Library | xxxxxx.xxx | predictive | Medium |
| 9 | Argument | xxxxxx | predictive | Low |
| 10 | Argument | xxxxxx | predictive | Low |
| 11 | Argument | xx | predictive | Low |
| 12 | Argument | xxx_xxx_xxxxxxxx | predictive | High |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
