Eye on the Nile Analysis

IOB - Indicator of Behavior (51)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 50
es: 2

Activities

Product

Linux Kernel: 4
Ivanti Endpoint Manager: 2
Netgear GC108P: 2
Netgear GC108PP: 2
Netgear GS108Tv3: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 2 | JForum Login input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00188 | 0.05 | CVE-2012-5338 |
| 3 | Linux Kernel UDP Packet udp.c security check | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01878 | 0.00 | CVE-2016-10229 |
| 4 | Linux Kernel memory corruption | 10.0 | 9.0 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.11189 | 0.05 | CVE-2008-1673 |
| 5 | vBulletin redirector.php | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00233 | 0.00 | CVE-2018-6200 |
| 6 | Bitrix24 tools.php initialization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08624 | 0.02 | CVE-2023-1719 |
| 7 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00045 | 0.20 | CVE-2024-4022 |
| 8 | Eltex NTP-RG-1402G 1v10 Ping ping.cmd os command injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.29724 | 0.02 | CVE-2020-9027 |
| 9 | 212cafe 212cafeboard view.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00064 | 0.05 | CVE-2008-4713 |
| 10 | Ivanti Endpoint Manager sql injection | 9.2 | 9.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.00 | CVE-2023-39336 |
| 11 | Linux Kernel nf_conntrack_h323_asn1.c decode_choice numeric error | 7.5 | 6.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.27134 | 0.00 | CVE-2007-3642 |
| 12 | Netgear GC108P NSDP Packet sccd improper authentication | 6.7 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00169 | 0.00 | CVE-2021-40866 |
| 13 | Google Android xt_qtaguid.c qtaguid_untag use after free | 6.5 | 6.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00042 | 0.05 | CVE-2021-0399 |
| 14 | TP-LINK Archer C3150v2 dhcp.htm setDefaultHostname cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00388 | 0.07 | CVE-2021-3275 |
| 15 | Google Android ADSPRPC Heap Manager integer overflow | 8.5 | 8.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00119 | 0.00 | CVE-2018-3586 |
| 16 | Apple macOS WebKit access control | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00300 | 0.00 | CVE-2021-1801 |
| 17 | Linux Kernel ptrace.c access control | 7.8 | 7.7 | $5k-$25k | $0-$5k | High | Official Fix | 0.00315 | 0.03 | CVE-2019-13272 |
| 18 | Samsung Mobile Devices SEAndroid Protection Mechanism privileges management | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00066 | 0.00 | CVE-2020-13829 |
| 19 | My Link Trader out.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.03 | |
| 20 | PHP phpinfo cross site scripting | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.31097 | 0.05 | CVE-2006-0996 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.125.230.116 | revdns.dns.com | Eye on the Nile | | 06/16/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (31)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

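| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | /out.php | predictive | Medium |
| 3 | File | /sqfs/bin/sccd | predictive | High |
| 4 | File | /version.js | predictive | Medium |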
