Quantum Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 67
de: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | libxslt EXSLT Math.random Prediction random values | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2015-9019 |
| 2 | GNU C Library fnmatch_loop.c fnmatch out-of-bounds read | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | CVE-2015-8984 |
| 3 | GNU C Library strxfrm integer overflow | 9.1 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2015-8982 |
| 4 | TablePress xml external entity reference | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2017-10889 |
| 5 | Salutation Responsive WordPress + BuddyPress Theme Stored cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | CVE-2017-1000227 |
| 6 | libxml2 Recover Mode null pointer dereference | 4.0 | 3.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2017-5969 |
| 7 | elfutils elf_getdata.c _libelf_set_rawdata_wrlock memory corruption | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-10255 |
| 8 | elfutils ELF File common.h allocate_elf memory corruption | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | CVE-2016-10254 |
| 9 | GNU C Library wstrops.c IO_wstr_overflow integer overflow | 7.7 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2015-8983 |
| 10 | VMware Spring Cloud Gateway Actuator Endpoint code injection | 9.8 | 9.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.11 | CVE-2022-22947 |
| 11 | QNAP NAS Surveillance Station stack-based overflow | 7.6 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-2501 |
| 12 | Microsoft Windows IIS memory corruption | 7.9 | 7.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.08 | CVE-2019-1365 |
| 13 | Microsoft IIS code injection | 9.9 | 9.9 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2010-1256 |
| 14 | Apache HTTP Server mod_rewrite redirect | 6.7 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.59 | CVE-2020-1927 |
| 15 | Tuomas Airaksinen Newsadmin readarticle.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.03 | CVE-2006-2239 |
| 16 | FlatNuke referer.php Remote Code Execution | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2005-1894 |
| 17 | Mozilla Firefox Array.pop type conversion | 6.5 | 6.2 | $5k-$25k | $0-$5k | High | Official Fix | 0.04 | CVE-2019-11707 |
| 18 | Adobe Connect information disclosure | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2018-4994 |
| 19 | Adobe Flash Player type conversion | 8.0 | 7.7 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2018-4944 |
| 20 | Adobe PhoneGap Push Plugin input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2018-4943 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | 138.68.42.130 | prod-sfo2-1.qencode-master-cf283c7cc10911ecb9daa269211215a9 | Quantum | | verified | High |
| 2 | XXX.XXX.XXX.XX | | Xxxxxxx | | verified | High |
| 3 | XXX.XXX.XXX.XXX | | Xxxxxxx | | verified | High |
| 4 | XXX.XXX.XXX.XXX | xxxxxx.xxxxxxxxxxxxx.xxx | Xxxxxxx | | verified | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (37)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
