Sector Finance

Timeframe: -28 days

Default Categories (81): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Banking Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Data Loss Prevention Software, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 336
Microsoft Windows: 86
Oracle MySQL Server: 30
Juniper Junos OS: 30
Microsoft SQL Server: 26

Remediation

Official Fix: 770
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 126

Exploitability

High: 0
Functional: 4
Proof-of-Concept: 38
Unproven: 118
Not Defined: 740

Access Vector

Not Defined: 0
Physical: 4
Local: 130
Adjacent: 372
Network: 394

Authentication

Not Defined: 0
High: 98
Low: 554
None: 248

User Interaction

Not Defined: 0
Required: 154
None: 746

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 24
≤4: 86
≤5: 248
≤6: 244
≤7: 118
≤8: 124
≤9: 54
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 24
≤4: 96
≤5: 248
≤6: 304
≤7: 120
≤8: 94
≤9: 12
≤10: 2

VulDB

≤1: 0
≤2: 2
≤3: 28
≤4: 110
≤5: 226
≤6: 242
≤7: 112
≤8: 134
≤9: 44
≤10: 2

NVD

≤1: 900
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 652
≤2: 0
≤3: 8
≤4: 18
≤5: 56
≤6: 58
≤7: 34
≤8: 50
≤9: 20
≤10: 4

Vendor

≤1: 774
≤2: 0
≤3: 0
≤4: 0
≤5: 4
≤6: 12
≤7: 24
≤8: 46
≤9: 40
≤10: 0

Exploit 0-day

<1k: 22
<2k: 168
<5k: 28
<10k: 416
<25k: 140
<50k: 106
<100k: 20
≥100k: 0

Exploit Today

<1k: 296
<2k: 226
<5k: 190
<10k: 92
<25k: 90
<50k: 6
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 576
ja: 160
es: 64
de: 58
ru: 38
ru38

Country

jp: 200
us: 164
de: 60
fr: 58
es: 58

Product

Linux Kernel: 40
Microsoft Windows: 12
Google Chrome: 8
Apple iOS: 6
Apple iPadOS: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Google Chrome ANGLE privilege escalation | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 3.91 | CVE-2024-4058 |
| 2 | Ruby Regex Search buffer overflow | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 2.43 | CVE-2024-27282 |
| 3 | Cisco ASA/Firepower Threat Defense Web Server Denial of Service | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 1.91 | CVE-2024-20353 |
| 4 | GNU C Library iconv buffer overflow | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 1.91 | CVE-2024-2961 |
| 5 | PHP proc_open privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.62 | CVE-2024-1874 |
| 6 | Netgear DG834Gv5 Web Management Interface weak encryption | 2.7 | 2.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.43 | CVE-2024-4235 |
| 7 | Cisco ASA/Firepower Threat Defense Legacy Capability privilege escalation | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 0.95 | CVE-2024-20359 |
| 8 | Cisco ASA/Firepower Threat Defense privilege escalation | 6.7 | 6.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.95 | CVE-2024-20358 |
| 9 | GitLab Community Edition/Enterprise Edition Bitbucket Credentials weak authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.91 | CVE-2024-4024 |
| 10 | PHP password_verify unknown vulnerability | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.91 | CVE-2024-3096 |
| 11 | GNU C Library Netgroup Cache buffer overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.96- | CVE-2024-33599 |
| 12 | Google Chrome V8 API Information Disclosure | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.77 | CVE-2024-4059 |
| 13 | GitLab Community Edition/Enterprise Edition Directory Traversal | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.12 | CVE-2024-2434 |
| 14 | Red Hat Keycloak dbProperties Information Disclosure | 5.4 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.77- | CVE-2024-1102 |
| 15 | Google Chrome Dawn buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.53 | CVE-2024-4060 |
| 16 | GLPI Agent Installation privilege escalation | 7.6 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.69- | CVE-2024-28241 |
| 17 | GLPI Agent URL Denial of Service | 6.3 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.60- | CVE-2024-28240 |
| 18 | GNU C Library NSS Callback buffer overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.53- | CVE-2024-33602 |
| 19 | Red Hat OpenShift Container Platform Denial of Service | 6.4 | 6.4 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.53- | CVE-2023-6596 |
| 20 | PowerDNS Recursor Response Denial of Service | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.55 | CVE-2024-25583 |

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Classification | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-25, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (123)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
