Cybergate Analysis

IOB - Indicator of Behavior (79)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 76
de: 4

Country

ca: 64
de: 4
ru: 2

Activities

Product

Oracle Java SE: 8
Microsoft Internet Explorer: 4
Audacity: 4
GitHub Git LFS: 2
Comdev eCommerce: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.92 | 0.25090 | CVE-2017-0055 |
| 2 | Omron CX-One CX-Programmer Password Storage information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2015-0988 |
| 3 | JFrog Artifactory Pro SAML SSO Signature Validator signature verification | 8.0 | 7.2 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.03 | 0.01018 | CVE-2018-19971 |
| 4 | IBM QRadar SIEM improper authentication | 7.7 | 7.7 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.06 | 0.00890 | CVE-2019-4210 |
| 5 | Audacity DLL Loader avformat-55.dll access control | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.01102 | CVE-2017-1000010 |
| 6 | Banana Dance search.php sql injection | 7.3 | 7.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.04 | 0.01136 | CVE-2011-5175 |
| 7 | F5 BIG-IP vCMP Hypervisor cleartext storage | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2019-6670 |
| 8 | Apple QuickTime memory corruption | 7.3 | 6.6 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.05 | 0.05701 | CVE-2015-5751 |
| 9 | Oracle Java SE JAXP denial of service | 5.3 | 5.1 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.03 | 0.04358 | CVE-2015-4893 |
| 10 | McAfee Endpoint Security Installer EPSetup.exe code injection | 5.3 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2019-3652 |
| 11 | HP 3PAR Service Processor SP information disclosure | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01055 | CVE-2015-5443 |
| 12 | IBM DB2 link following | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00950 | CVE-2018-1781 |
| 13 | windows-selenium-chromedriver Download cryptographic issues | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01156 | CVE-2016-10687 |
| 14 | 3PAR Service Processor path traversal | 6.4 | 6.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2018-7098 |
| 15 | Cisco NX-OS/FXOS CLI command injection | 7.3 | 7.3 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2019-1795 |
| 16 | Oracle Fusion Middleware Tuxedo access control | 8.7 | 8.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00885 | CVE-2017-10272 |
| 17 | Microsoft Internet Explorer information disclosure | 4.3 | 3.8 | $25k-$100k | Calculating | Unproven | Official Fix | 0.00 | 0.29797 | CVE-2014-6346 |
| 18 | ZKTeco ZKTime Web cross-site request forgery | 6.1 | 5.8 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.01 | 0.08078 | CVE-2017-13129 |
| 19 | Microsoft Internet Explorer FTP Download unknown vulnerability | 4.3 | 3.9 | $25k-$100k | Calculating | Proof-of-Concept | Official Fix | 0.07 | 0.11431 | CVE-2005-2126 |
| 20 | Jelsoft vBulletin attachment.php cross site scripting | 4.3 | 4.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00 | 0.01136 | CVE-2007-0869 |

IOC - Indicator of Compromise (29)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Pathname Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 4 | TXXXX | CWE-XXX, CWE-XXX, CWE-XXX | Xxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX, CWE-XX | Xxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | X7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 9 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxx Xxxx | predictive | High |
| 10 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx | predictive | High |
| 11 | TXXXX | CWE-XXX | X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx Xxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (35)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /catcompany.php | predictive | High |
| 2 | File | /proc/self/cwd | predictive | High |
| 3 | File | /uncpath/ | predictive | Medium |
| 4 | File | admin/movieview.php | predictive | High |
| 5 | File | admincp/attachment.php | predictive | High |
| 6 | File | xxxx/xxxxxxxx.x | predictive | High |
| 7 | File | xxxxxxx.xxx | predictive | Medium |
| 8 | File | xxxxxxxx/xxx/xxx.xxx.xxx | predictive | High |
| 9 | File | xxxxxxxxxx.xxx | predictive | High |
| 10 | File | xxxxxx.x | predictive | Medium |
| 11 | File | xxxxxxx.x | predictive | Medium |
| 12 | File | xxxxxxxx.xxx | predictive | Medium |
| 13 | File | xxxxxx.xxx | predictive | Medium |
| 14 | File | xxxx_xxxxxxx_xxxxxxxx.xxx | predictive | High |
| 15 | File | xxxxxx.xxx | predictive | Medium |
| 16 | File | xxx/xxxxxxx.x | predictive | High |
| 17 | File | xxxxxxxx/xxxxxxxxxx.x | predictive | High |
| 18 | File | xxx.xxxxxxxx.xxx | predictive | High |
| 19 | Library | xxxxxxxx.xxx | predictive | Medium |
| 20 | Library | xxxxxxxx-xx.xxx | predictive | High |
| 21 | Library | xxxxxxx.xxx | predictive | Medium |
| 22 | Argument | xxxxxxxx | predictive | Medium |
| 23 | Argument | xxx_xx | predictive | Low |
| 24 | Argument | xxxxxxxx | predictive | Medium |
| 25 | Argument | xxxx/xxxx/xxxxxxxxx | predictive | High |
| 26 | Argument | xxxxxxxx | predictive | Medium |
| 27 | Argument | xxxx | predictive | Low |
| 28 | Argument | xxxxxx | predictive | Low |
| 29 | Argument | xxxxxxx | predictive | Low |
| 30 | Argument | xx_xxxx | predictive | Low |
| 31 | Argument | xxxxxxx | predictive | Low |
| 32 | Argument | xxxxx | predictive | Low |
| 33 | Input Value | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' xxx xxxx=xxxx xxx 'xxxx'='xxxx | predictive | High |
| 34 | Pattern | \|xx\| | predictive | Low |
| 35 | Network Port | xxx/xxx | predictive | Low |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
