Tomiris Analysis

Activities

Timeline

The timeline analysis helps to identify the required approach to handling single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

  • en: 19
  • sv: 2

Country

  • us: 13
  • ru: 4
  • gb: 3


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | PRTG Network Monitor login.htm access control | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2018-19410 |
| 2 | Online Student Admission sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | CVE-2022-28467 |
| 3 | PHP EXIF exif_process_IFD_in_MAKERNOTE memory corruption | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2019-9639 |
| 4 | Mini-Inventory-and-Sales-Management-System Inventory cross-site request forgery | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2021-44321 |
| 5 | JFrog Artifactory upload unrestricted upload | 8.5 | 7.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | CVE-2016-10036 |
| 6 | TightVNC InitialiseRFBConnection out-of-bounds write | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2019-15679 |
| 7 | Linux Kernel Patch CVE-2020-14356 use after free | 6.5 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-25220 |
| 8 | Linux Kernel VFIO PCI Driver exceptional condition | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2020-12888 |
| 9 | Google Android F2FS Driver out-of-bounds read | 3.8 | 3.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2019-9445 |
| 10 | Linux Kernel adis_buffer.c adis_update_scan_mode_burst resource consumption | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2019-19061 |
| 11 | Kyland KPS2204 webadminget.cgi information disclosure | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2020-25011 |
| 12 | Host Web Server phpinfo.php phpinfo information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00 | |
| 13 | Microsoft Outlook Web App redir.aspx authentication spoofing | 5.3 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.08 | |
| 14 | Teradata Virtual Machine Community Edition Temp File t2a.pl access control | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2016-7489 |
| 15 | Microsoft SQL Server Virtual Function access control | 6.3 | 6.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2015-1763 |
| 16 | TP-LINK TL-WR840N v4 traceroute input validation | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2019-15060 |
| 17 | osTicket main.php file inclusion | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | CVE-2005-1438 |
| 18 | Exim EHLO Command string.c string_vformat buffer overflow | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-16928 |
| 19 | Tim Kosse FileZilla format string | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2007-2318 |
| 20 | Microsoft IIS FTP Server memory corruption | 7.5 | 7.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.09 | CVE-2010-3972 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Tomiris

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cgi-bin/webadminget.cgi | predictive | High |
| 2 | File | /opt/teradata/gsctools/bin/t2a.pl | predictive | High |
| 3 | File | /xxxxxx/xxxxx.xxx | predictive | High |
| 4 | File | xxxxxxx/xxx/xxx/xxxx_xxxxxx.x | predictive | High |
| 5 | File | xxxx.xxx | predictive | Medium |
| 6 | File | xxx/xxxxx.xxxx | predictive | High |
| 7 | File | xxxxxxx.xxx | predictive | Medium |
| 8 | File | xxxxxx.x | predictive | Medium |
| 9 | File | xx/xxxxxxxx/xxxxxx | predictive | High |
| 10 | Argument | xxxx_xxx | predictive | Medium |
| 11 | Argument | xxxxxxx_xxx | predictive | Medium |
| 12 | Argument | xxxxxxxxxxxxxxxx | predictive | High |
| 13 | Argument | xxx | predictive | Low |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
