Sector: Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 74
Insteon Hub: 72
Apple macOS: 30
Oracle Communications Cloud Native Core Binding Su ...: 30
Google Chrome: 26

Remediation

Official Fix: 662
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 142

Exploitability

High: 0
Functional: 2
Proof-of-Concept: 14
Unproven: 80
Not Defined: 710

Access Vector

Not Defined: 0
Physical: 8
Local: 78
Adjacent: 88
Network: 632

Authentication

Not Defined: 0
High: 76
Low: 354
None: 376

User Interaction

Not Defined: 0
Required: 164
None: 642

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 4
≤3: 6
≤4: 54
≤5: 114
≤6: 124
≤7: 114
≤8: 190
≤9: 80
≤10: 120

CVSSv3 Temp

≤1: 0
≤2: 4
≤3: 6
≤4: 60
≤5: 116
≤6: 146
≤7: 114
≤8: 206
≤9: 104
≤10: 50

VulDB

≤1: 0
≤2: 6
≤3: 24
≤4: 74
≤5: 108
≤6: 104
≤7: 114
≤8: 178
≤9: 142
≤10: 56

NVD

≤1: 660
≤2: 0
≤3: 0
≤4: 4
≤5: 6
≤6: 8
≤7: 26
≤8: 10
≤9: 16
≤10: 76

CNA

≤1: 488
≤2: 2
≤3: 0
≤4: 10
≤5: 8
≤6: 46
≤7: 58
≤8: 88
≤9: 96
≤10: 10

Vendor

≤1: 722
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 10
≤7: 12
≤8: 46
≤9: 16
≤10: 0

Exploit 0-day

<1k: 34
<2k: 108
<5k: 98
<10k: 122
<25k: 278
<50k: 60
<100k: 106
≥100k: 0

Exploit Today

<1k: 158
<2k: 174
<5k: 222
<10k: 100
<25k: 148
<50k: 4
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 764
ja: 118
de: 26
fr: 24
zh: 20

Country

jp: 142
us: 140
cn: 58
ru: 50
fr: 42

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 20
Linux Kernel: 16
F5 BIG-IP: 6
Google Android: 6
Oracle MySQL Server: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | IP Vault WP Firewall Plugin cross site scripting | 2.4 | 2.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.78 | 0.00000 | CVE-2022-47171 |
| 2 | GNU C Library Call Graph Monitor gmon.c __monstartup memory corruption | 4.6 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 3.79- | 0.00000 | CVE-2023-0687 |
| 3 | OpenBSD OpenSSH compat.c memory corruption | 5.6 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 2.65 | 0.00950 | CVE-2023-25136 |
| 4 | Microsoft Edge denial of service | 3.1 | 3.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 2.35 | 0.00000 | CVE-2023-21720 |
| 5 | Nextcloud Mail weak encryption | 2.0 | 1.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.65- | 0.00000 | CVE-2023-23944 |
| 6 | Calendar Event Management System SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.74 | 0.00890 | CVE-2023-0675 |
| 7 | SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service privilege escalation | 8.3 | 8.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.97+ | 0.00000 | CVE-2022-31254 |
| 8 | Calendar Event Management System Login Page SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.48 | 0.00954 | CVE-2023-0663 |
| 9 | Nextcloud Desktop Client QML Label cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.81 | 0.00000 | CVE-2023-23942 |
| 10 | Nextcloud Mail privilege escalation | 5.7 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.74 | 0.00000 | CVE-2023-23943 |
| 11 | Zyxel NBG-418N v2 Logs Page cross site scripting | 5.8 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.74 | 0.00000 | CVE-2022-45441 |
| 12 | Linux Kernel V4L2/Vivid Test Code denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.57 | 0.00000 | CVE-2023-0615 |
| 13 | Western Digital My Cloud weak authentication | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 2.52 | 0.00000 | CVE-2021-36224 |
| 14 | VMware Workstation denial of service | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.84 | 0.00885 | CVE-2023-20854 |
| 15 | SiteFusion Application Server Extension getextension.php directory traversal | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.28 | 0.00950 | CVE-2016-15023 |
| 16 | IBM WebSphere Application Server Sequence privilege escalation | 9.0 | 8.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.71 | 0.01978 | CVE-2023-23477 |
| 17 | F5 BIG-IP iControl SOAP Format String | 8.2 | 8.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 1.04 | 0.01086 | CVE-2023-22374 |
| 18 | Western Digital My Cloud Firmware Upgrade weak authentication | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 2.70 | 0.00000 | CVE-2021-36226 |
| 19 | jianlinwei cool-php-captcha example-form.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.34 | 0.01018 | CVE-2009-10001 |
| 20 | Western Digital My Cloud REST API privilege escalation | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 2.28 | 0.00000 | CVE-2021-36225 |

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 54.213.123.0/24 | Dealply | predictive | High |

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | predictive | High |
| 4 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/v1/registration/validateEmail | predictive | High |
| 2 | File | /CPE | predictive | Low |
| 3 | File | /opt/Citrix/ICAClient/util/ctxwebhelper | predictive | High |
| 4 | File | /Services/Misc.asmx/SearchTag | predictive | High |
| 5 | File | /setnetworksettings/IPAddress | predictive | High |
| 6 | File | /SetNetworkSettings/SubnetMask | predictive | High |
| 7 | File | /tool/gen/createTable | predictive | High |
| 8 | File | AccessibilityManagerService.java | predictive | High |
