Northern Mariana Islands Unknown Analysis

IOB - Indicator of Behavior (19)

Language: en (20)

Country: us (20)

Product: Microsoft Windows (4), Xerox AltaLink B8045 (2), Xerox AltaLink B8090 (2), Xerox AltaLink C8030 (2), Xerox AltaLink C8035 (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PhotoPost PhotoPost vBGallery File Upload upload.php privilege escalation | 6.3 | 5.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.04 | 0.00546 | CVE-2008-7088 |
| 2 | Host FTP Server Anonymous weak authentication | 5.3 | 5.2 | $0-$5k | $0-$5k | High | Workaround | 0.03 | 0.19874 | CVE-1999-0497 |
| 3 | Dropbear SSH privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02911 | CVE-2016-7406 |
| 4 | Cisco Packaged Contact Center Enterprise privilege escalation | 9.9 | 9.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00162 | CVE-2024-20253 |
| 5 | fredsmith utils Filename screenshot_sync Information Disclosure | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.15 | 0.00054 | CVE-2021-4277 |
| 6 | Xerox AltaLink C8070 Scan to Mailbox Denial of Service | 6.8 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00103 | CVE-2021-28670 |
| 7 | D-Link DSL-2641R Cross Site Scripting | 4.3 | 4.1 | $5k-$25k | Being calculated | Not Defined | Official Fix | 0.00 | 0.00168 | CVE-2013-6786 |
| 8 | apk Package APKINDEX.tar.gz buffer overflow | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.02413 | CVE-2017-9669 |
| 9 | Microsoft Windows Multimedia Library winmm.dll buffer overflow | 10.0 | 9.5 | $100k and more | $0-$5k | High | Official Fix | 0.04 | 0.97281 | CVE-2012-0003 |
| 10 | FTP Server Port Bounce privilege escalation | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Workaround | 0.00 | 0.01653 | CVE-1999-0017 |
| 11 | Microsoft Windows FTP Service Denial of Service | 5.3 | 5.2 | $25k-$100k | $0-$5k | Not Defined | Workaround | 0.02 | 0.00000 | |
| 12 | Linux Kernel USB Device atusb.c buffer overflow | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00099 | CVE-2019-19525 |
| 13 | OctoPrint Service Port 8081 Information Disclosure | 8.2 | 8.1 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.02 | 0.00310 | CVE-2018-16710 |
| 14 | Dan Bernstein Qmail RCPT Denial of Service | 4.0 | 3.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00080 | CVE-1999-0144 |
| 15 | Verizon Fios Actiontec Mi424wr-gen31 Router Administration index.cgi Cross Site Request Forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.00356 | CVE-2013-0126 |
| 16 | BigTree CMS SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Official Fix | 0.00 | 0.00430 | CVE-2013-4879 |
| 17 | EMC VPLEX GeoSynchrony privilege escalation | 7.1 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00087 | CVE-2015-6850 |

IOC - Indicator of Compromise (50)

These indicators of compromise highlight associated network resources that are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxx Xxxxxxxxxx Xxxxx | predictive | High |

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

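| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | APKINDEX.tar.gz | predictive | High |
| 2 | File | drivers/net/ieee802154/atusb.c | predictive | High |
| 3 | File | xxxxx.xxx | predictive | Medium |
| 4 | File | xxxxxxxxxx_xxxx | predictive | High |
| 5 | File | xxxxxx.xxx | predictive | Medium |
| 6 | Library | xxxxx.xxx | predictive | Medium |
| 7 | Argument | xxxxxxxx/xxxx | predictive | High |
| 8 | Network Port | xxx/xx (xxx) | predictive | Medium |
| 9 | Network Port | xxx/xxxx | predictive | Medium |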

References (4)

The following list contains external sources which discuss the actor and the associated activities:
