FontOnLake Analysis

IOB - Indicator of Behavior (36)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en28
zh6
ko2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn28
us8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows6
OpenSLP2
Google Chrome2
AnyMacro AnyMacro Mail System2
D-Link DIR-816L2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Penta WAPPLES access control7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00077CVE-2022-35582
2GNU binutils BFD Library opncls.c bfd_zalloc memory corruption4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000.00132CVE-2018-17359
3UUSee UUPlayer ActiveX control ActiveX Control input validation9.89.8$0-$5k$0-$5kNot DefinedNot Defined0.000.01063CVE-2011-2590
4Oracle MySQL Server Client programs Privilege Escalation7.16.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00095CVE-2023-21980
5Penta WAPPLES insecure inherited permissions7.07.0$0-$5k$0-$5kNot DefinedNot Defined0.000.00043CVE-2022-31322
6Spring Boot Admins Notifier env code injection7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00262CVE-2022-46166
7Apache Commons FileUpload Request Part allocation of resources5.55.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.03359CVE-2023-24998
8redis-py Async Command information disclosure4.03.9$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00061CVE-2023-28858
9Microsoft Windows Win32k Local Privilege Escalation7.87.2$25k-$100kCalculatingFunctionalOfficial Fix0.020.00436CVE-2021-1732
10Microsoft Windows L2TP Privilege Escalation7.87.3$25k-$100k$5k-$25kUnprovenOfficial Fix0.000.00827CVE-2022-30211
11ZStack REST API code injection5.65.4$0-$5kCalculatingNot DefinedOfficial Fix0.000.00390CVE-2021-32836
12ZhongBangKeJi CRMEB UploadService.php Getshell unrestricted upload5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00334CVE-2020-21787
13WP Fastest Cache pathname traversal3.83.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00294CVE-2021-20714
14Atlassian Bamboo Double OGNL Evaluation Java input validation8.38.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01040CVE-2017-14589
15Atlassian Confluence Server information disclosure4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.070.96202CVE-2021-26085
16Google Chrome V8 Remote Code Execution6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.020.24380CVE-2020-16040
17ExifTool djvu File neutralization6.36.0$0-$5kCalculatingNot DefinedOfficial Fix0.020.92045CVE-2021-22204
18Microsoft Windows DNS Server SigRed memory corruption10.09.0$100k and more$0-$5kProof-of-ConceptOfficial Fix0.010.94458CVE-2020-1350
19Huawei NIP6800/Secospace USG6600/Secospace USG9500 out-of-bounds write7.47.4$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00110CVE-2020-1876
20Microsoft Windows NTLM information disclosure5.44.7$25k-$100k$0-$5kUnprovenOfficial Fix0.020.00654CVE-2021-1678

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (17)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/crmeb/crmeb/services/UploadService.phppredictiveHigh
2File/envpredictiveLow
3File/s/predictiveLow
4Filexxxxxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
5Filexxxxxxxxxxx\xxxx\xxxxxxxxxx\xxxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
6Filexxxx.xpredictiveLow
7Filexxxxxxx.xxxpredictiveMedium
8Filexxxxxx.xpredictiveMedium
9Filexxxxxx.xpredictiveMedium
10Libraryxxxx.xxxpredictiveMedium
11Argument-x/-xpredictiveLow
12ArgumentxxxxxxpredictiveLow
13Argumentxxxxxxxxxx[xxx][x]predictiveHigh
14ArgumentxxxxxxxxxxxpredictiveMedium
15ArgumentxxpredictiveLow
16Input Value..\predictiveLow
17Network PortxxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!