Sector Government

Timeframe: -28 days

Default Categories (63): Access Management Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 78
Apple macOS: 42
Mozilla Firefox: 40
Linux Kernel: 28
NVIDIA GPU Display Driver: 24

Remediation

Official Fix: 310
Temporary Fix: 0
Workaround: 6
Unavailable: 0
Not Defined: 110

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 8
Unproven: 82
Not Defined: 336

Access Vector

Not Defined: 0
Physical: 6
Local: 26
Adjacent: 78
Network: 316

Authentication

Not Defined: 0
High: 22
Low: 240
None: 164

User Interaction

Not Defined: 0
Required: 120
None: 306

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 8
≤4: 44
≤5: 52
≤6: 70
≤7: 118
≤8: 68
≤9: 64
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 12
≤4: 40
≤5: 56
≤6: 146
≤7: 64
≤8: 90
≤9: 16
≤10: 2

VulDB

≤1: 0
≤2: 0
≤3: 12
≤4: 42
≤5: 50
≤6: 70
≤7: 118
≤8: 60
≤9: 72
≤10: 2

NVD

≤1: 422
≤2: 0
≤3: 0
≤4: 2
≤5: 0
≤6: 0
≤7: 2
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 360
≤2: 0
≤3: 2
≤4: 2
≤5: 6
≤6: 16
≤7: 12
≤8: 16
≤9: 12
≤10: 0

Vendor

≤1: 340
≤2: 0
≤3: 0
≤4: 0
≤5: 4
≤6: 8
≤7: 6
≤8: 50
≤9: 18
≤10: 0

Exploit 0-day

<1k: 12
<2k: 126
<5k: 20
<10k: 82
<25k: 86
<50k: 46
<100k: 54
≥100k: 0

Exploit Today

<1k: 108
<2k: 64
<5k: 84
<10k: 64
<25k: 106
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 952
de: 22
pt: 12
fr: 6
ja: 4

Country

us: 160
de: 32
it: 30
il: 28
br: 22

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 64
Google Chrome: 24
Tiki Wiki CMS Groupware: 8
Microsoft Exchange Server: 6
NVIDIA GPU Display Driver: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows SMB Witness Service Privilege Escalation | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 1.00 | +0.00000 | CVE-2023-21549 |
| 2 | Microsoft Windows Advanced Local Procedure Call Privilege Escalation | 9.4 | 8.7 | $25k-$100k | $5k-$25k | Functional | Official Fix | 0.92 | +0.00000 | CVE-2023-21674 |
| 3 | Microsoft Windows Layer 2 Tunneling Protocol Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.64 | +0.00000 | CVE-2023-21679 |
| 4 | Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code Execution | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.59 | +0.00000 | CVE-2023-21681 |
| 5 | Microsoft Windows Cryptographic Services Privilege Escalation | 9.4 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.51 | +0.00000 | CVE-2023-21561 |
| 6 | Microsoft Windows BitLocker Local Privilege Escalation | 6.8 | 5.9 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.43 | +0.00000 | CVE-2023-21563 |
| 7 | Microsoft SharePoint Server unknown vulnerability | 5.9 | 5.2 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.36 | +0.00000 | CVE-2023-21743 |
| 8 | Microsoft Windows Local Security Authority Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.36 | +0.00000 | CVE-2023-21524 |
| 9 | Microsoft Windows Layer 2 Tunneling Protocol Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.31 | +0.00000 | CVE-2023-21555 |
| 10 | IS_Projecto2 NewsBean.java SQL injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.85 | 0.00890 | CVE-2014-125038 |
| 11 | Microsoft Windows NTLM Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.28 | +0.00000 | CVE-2023-21746 |
| 12 | Microsoft Windows Cryptographic Services Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.31 | +0.00000 | CVE-2023-21551 |
| 13 | Microsoft Windows Print Spooler Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.29 | +0.00000 | CVE-2023-21678 |
| 14 | Microsoft Windows Layer 2 Tunneling Protocol Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.31 | +0.00000 | CVE-2023-21556 |
| 15 | Microsoft Windows Cryptographic information disclosure | 4.9 | 4.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.31 | +0.00000 | CVE-2023-21550 |
| 16 | Microsoft Windows GDI Privilege Escalation | 8.3 | 7.5 | $25k-$100k | $5k-$25k | Proof-of-Concept | Official Fix | 0.31 | +0.00000 | CVE-2023-21552 |
| 17 | Microsoft Windows Secure Socket Tunneling Protocol Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.31 | +0.00000 | CVE-2023-21548 |
| 18 | Microsoft Windows Secure Socket Tunneling Protocol Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.26 | +0.00000 | CVE-2023-21535 |
| 19 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.0 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.26 | +0.00000 | CVE-2023-21762 |
| 20 | Microsoft Exchange Server Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.26 | +0.00000 | CVE-2023-21763 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 52.114.128.0/24 | Nymaim | predictive | High |

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

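| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-35 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |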

IOA - Indicator of Attack (69)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /apply.cgi | predictive | Medium |
| 2 | File | /etc/sudoers | predictive | Medium |
| 3 | File | /tiki-importer.php | predictive | High |
| 4 | File | /tpts/manage_user.php | predictive | High |
| 5 | File | agent/listener/templates/tail.html | predictive | High |
| 6 | File | application/controllers/timedtext.php | predictive | High |
| 7 | File | b/fs/ksmbd/smb2misc.c | predictive | High |
| 8 | File | barbican/api/controllers/__init__.py | predictive | High |
| 9 | File | Cnn-EJB/ejbModule/ejbs/NewsBean.java | predictive | High |
| 10 | File | com/ruoyi/generator/controller/GenController | predictive | High |
