DNSLock Analyse

IOB - Indicator of Behavior (10)

Zeitverlauf

Sprache

fr10

Land

us10

Akteure

DNSLock1

Aktivitäten

Interesse

Zeitverlauf

Typ

Not Defined6
Application Server Software2
Wireless LAN Software2

Hersteller

SAP4
Foxit4
Netgear2

Produkt

Foxit PhantomPDF4
SAP NetWeaver Application Server ABAP2
SAP 3D Visual Enterprise Viewer2
Netgear R61202
Netgear R60802

Schwachstellen

#SchwachstelleBaseTemp0dayHeuteAusMasCTIEPSSCVE
1Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service schwache Authentisierung5.45.4$5k-$25k$5k-$25kNot DefinedNot Defined0.030.00885CVE-2020-17409
2Foxit PhantomPDF U3D Object Information Disclosure3.83.8$0-$5k$0-$5kNot DefinedNot Defined0.060.01321CVE-2020-17411
3Foxit PhantomPDF U3D Object Information Disclosure6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.010.01321CVE-2020-17412
4SAP Business Planning and Consolidation Cross Site Scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.050.00885CVE-2020-6368
5SAP NetWeaver Application Server ABAP Information Disclosure4.34.3$5k-$25k$0-$5kNot DefinedNot Defined0.010.00885CVE-2020-6371
6SAP 3D Visual Enterprise Viewer PDF File Denial of Service6.06.0$5k-$25k$0-$5kNot DefinedNot Defined0.040.00954CVE-2020-6372
7SAP 3D Visual Enterprise Viewer PDF File Denial of Service6.06.0$5k-$25k$0-$5kNot DefinedNot Defined0.000.00954CVE-2020-6373
8SAP 3D Visual Enterprise Viewer JT File Denial of Service6.06.0$5k-$25k$0-$5kNot DefinedNot Defined0.010.00954CVE-2020-6374
9SAP 3D Visual Enterprise Viewer CGM File Denial of Service4.94.9$5k-$25k$0-$5kNot DefinedNot Defined0.040.00885CVE-2020-6375
10SAP 3D Visual Enterprise Viewer RH File Denial of Service4.54.5$0-$5k$0-$5kNot DefinedNot Defined0.030.00885CVE-2020-6376

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-AdresseHostnameAkteurKampagnenTypAkzeptanz
118.220.249.233ec2-18-220-249-233.us-east-2.compute.amazonaws.comDNSLockverifiziertMedium
252.77.199.193ec2-52-77-199-193.ap-southeast-1.compute.amazonaws.comDNSLockverifiziertMedium
3XX.XXX.XXX.XXxxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxverifiziertMedium
4XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxverifiziertMedium
5XX.XXX.XX.XXXxxxxxxverifiziertHigh
6XX.XXX.XXX.XXXXxxxxxxverifiziertHigh

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSchwachstellenZugriffsartTypAkzeptanz
1T1059.007CWE-79Cross Site ScriptingprädiktivHigh
2TXXXXCWE-XXXXxxxxxxxxxxxxprädiktivHigh

Referenzen (2)

The following list contains external sources which discuss the actor and the associated activities:

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!