OnePercent Analysis

IOB - Indicator of Behavior (188)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 152
sv: 16
de: 8
it: 8
pl: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 6
Microsoft IIS: 4
SWFTools: 4
Citrix NetScaler ADC: 4
Citrix NetScaler Gateway: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02147 | 0.00 | CVE-2007-1192 |
| 2 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01194 | 0.04 | CVE-2004-1386 |
| 3 | WPS Hide Login Plugin Secret Login Page options.php access control | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02219 | 0.04 | CVE-2021-24917 |
| 4 | Apple Mac OS X TCP/IP Stack denial of service | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04236 | 0.00 | CVE-2004-0171 |
| 5 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.50 | CVE-2007-0354 |
| 6 | Zipato Zipabox Smart Home Controller information disclosure | 6.4 | 6.4 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00423 | 0.00 | CVE-2018-15125 |
| 7 | Samsung SCX-6x55X Syncthru Web Service source code | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00162 | 0.00 | CVE-2021-42913 |
| 8 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02195 | 0.47 | CVE-2010-0966 |
| 9 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10667 | 0.21 | CVE-2016-6210 |
| 10 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00483 | 0.56 | CVE-2017-0055 |
| 11 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00817 | 0.43 | CVE-2014-4078 |
| 12 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01744 | 0.13 | CVE-2007-1287 |
| 13 | PHP phpinfo cross site scripting | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06938 | 0.05 | CVE-2006-0996 |
| 14 | morpheus65535 Bazarr static path traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00054 | 0.04 | CVE-2024-40348 |
| 15 | Matt Martz & Andy Stratton Page Restrict Plugin cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.06 | CVE-2024-24702 |
| 16 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.68 | CVE-2020-12440 |
| 17 | Google Android Linkify.java addLinks access control | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00098 | 0.00 | CVE-2019-2003 |
| 18 | Adobe Magento Mage-Messages Cookie cross site scripting | 2.4 | 2.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00187 | 0.03 | CVE-2021-28556 |
| 19 | GitHub Enterprise Server GraphQL API authorization | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00277 | 0.03 | CVE-2022-23739 |
| 20 | Mitsubishi Electric Factory Automation path traversal | 7.3 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01059 | 0.00 | CVE-2020-14523 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (70)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /+CSCOE+/logon.html | predictive | High |
| 2 | File | /api/swaggerui/static | predictive | High |
| 3 | File | /download | predictive | Medium |
| 4 | File | /forum/away.php | predictive | High |
| 5 | File | /port_3480/data_request | predictive | High |
| 6 | File | /uncpath/ | predictive | Medium |
| 7 | File | /userRpm/PingIframeRpm.htm | predictive | High |
| 8 | File | /wp-admin/options.php | predictive | High |
| 9 | File | adclick.php | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
