BlackTech Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 132
zh: 14
de: 3
sv: 1
fr: 1

Country

ms: 131
cn: 17
us: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | vTiger CRM sql injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-11057 |
| 2 | Microsoft Exchange Server ProxyShell Remote Code Execution | 9.5 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.22 | CVE-2021-34473 |
| 3 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2017-5611 |
| 4 | Liferay Portal CE JSON Payload deserialization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2019-16891 |
| 5 | Apache Solr ResourceLoader path traversal | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-6397 |
| 6 | ThinkPHP input validation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2019-9082 |
| 7 | Mailman input validation | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2018-13796 |
| 8 | Yii Framework Exception Error ErrorHandler.php information disclosure | 6.4 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-6010 |
| 9 | Pivotal RabbitMQ password access control | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2016-9877 |
| 10 | phpThumb Default Configuration server-side request forgery | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2013-6919 |
| 11 | phpThumb phpThumb.demo.showpic.php cross site scripting | 5.2 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2016-10508 |
| 12 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 13 | XenForo privileges management | 8.6 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | |
| 14 | Microsoft Windows TCP/IP Stack access control | 6.3 | 5.7 | $25k-$100k | $0-$5k | High | Official Fix | 0.04 | CVE-2014-4076 |
| 15 | PHPMailer validateAddress injection | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2021-3603 |
| 16 | Microsoft Windows Service Control Manager access control | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2015-1702 |
| 17 | Microsoft Windows Service Control Manager privileges management | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2000-0737 |
| 18 | PDF.js Viewer Plugin Shortcode cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-24759 |
| 19 | Aviatrix Controller pathname traversal | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-40870 |
| 20 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2009-2814 |

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (78)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /mifs/c/i/reg/reg.html | High |
| 2 | File | /server-info | Medium |
| 3 | File | /wp-json/oembed/1.0/embed?url | High |
| 4 | File | a2billing/customer/iridium_threed.php | High |
| 5 | File | admin.php?s=/Channel/add.html | High |
| 6 | File | admin/class-bulk-editor-list-table.php | High |
| 7 | File | administrator/components/com_media/helpers/media.php | High |
| 8 | File | auth.asp | Medium |
| 9 | File | base/ErrorHandler.php | High |

References (5)

The following list contains external sources which discuss the actor and the associated activities:
