Sektor Homeoffice

Timeframe: -28 days

Default Categories (32): Android App Software, Anti-Malware Software, Calendar Software, Digital Media Player, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Firewall Software, Game Console, Groupware Software, Hardware Driver Software, Image Processing Software, iOS App Software, Mail Client Software, Messaging Software, Multimedia Player Software, Network Attached Storage Software, Network Encryption Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Remote Access Software, Router Operating System, Smartphone Operating System, Smartwatch Operating System, Spreadsheet Software, Tablet Operating System, Web Browser, Wireless LAN Software, Word Processing Software

Zeitverlauf

Hersteller

Linux400
Microsoft96
Foxit52
Google48
Juniper28

Produkt

Linux Kernel400
Microsoft Windows88
Foxit PDF Reader52
Google Android26
Mozilla Firefox24

Massnahmen

Official Fix726
Temporary Fix0
Workaround2
Unavailable0
Not Defined62

Ausnutzbarkeit

High6
Functional0
Proof-of-Concept6
Unproven88
Not Defined690

Zugriffsart

Not Defined0
Physical4
Local118
Adjacent410
Network258

Authentisierung

Not Defined0
High34
Low516
None240

Benutzeraktivität

Not Defined0
Required160
None630

C3BM Index

CVSSv3 Base

≤10
≤20
≤322
≤464
≤5184
≤6258
≤7136
≤8100
≤920
≤106

CVSSv3 Temp

≤10
≤20
≤324
≤472
≤5180
≤6344
≤7108
≤852
≤94
≤106

VulDB

≤10
≤20
≤322
≤474
≤5186
≤6254
≤7134
≤898
≤916
≤106

NVD

≤1790
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1674
≤20
≤32
≤40
≤510
≤626
≤722
≤842
≤96
≤108

Hersteller

≤1698
≤20
≤30
≤40
≤52
≤610
≤712
≤852
≤916
≤100

Exploit 0-day

<1k20
<2k122
<5k26
<10k394
<25k122
<50k84
<100k22
≥100k0

Exploit heute

<1k264
<2k202
<5k172
<10k68
<25k78
<50k6
<100k0
≥100k0

Exploitmarktvolumen

IOB - Indicator of Behavior (1000)

Zeitverlauf

Sprache

en676
es88
ja56
de50
zh42

Land

us250
jp70
es68
gb66
fr56

Akteure

Cobalt Strike3
RedLine Stealer2
AsyncRAT2
Grizzly Steppe2
Mirai1

Aktivitäten

Interesse

Zeitverlauf

Typ

Operating System134
Web Browser50
Router Operating System16
Firewall Software8
Wireless LAN Software6

Hersteller

Linux88
Microsoft46
Google26
Mozilla18
Cisco14

Produkt

Linux Kernel88
Microsoft Windows40
Google Chrome24
Mozilla Firefox18
Cisco IOS XE8

Schwachstellen

#SchwachstelleBaseTemp0dayHeuteAusMasEPSSCTICVE
1Palo Alto Networks PAN-OS GlobalProtect erweiterte Rechte8.98.7$0-$5k$0-$5kHighOfficial Fix0.022210.17CVE-2024-3400
2Backdoor.Win32.Dumador.c FTP Server Pufferüberlauf6.35.6$0-$5k$0-$5kProof-of-ConceptWorkaround0.000002.06-
3Cisco ClamAV HTML Parser Denial of Service7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.000430.03CVE-2024-20380
4Google Chrome V8 Pufferüberlauf6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.17CVE-2024-3914
5SolarWinds Serv-U Directory Traversal6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000430.06CVE-2024-28073
6Microsoft Edge Information Disclosure5.45.3$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.30CVE-2024-29987
7Cisco IOS/IOS XE SNMP Extended Named Access erweiterte Rechte5.35.1$5k-$25k$5k-$25kNot DefinedOfficial Fix0.000000.06CVE-2024-20373
8Check Point ZoneAlarm Extreme Security NextGen erweiterte Rechte5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2024-24910
9Google Chrome Downloads Pufferüberlauf6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.06CVE-2024-3834
10Microsoft Edge Information Disclosure4.84.7$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.06CVE-2024-29986
11Google Chrome V8 Pufferüberlauf6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.09CVE-2024-3832
12Fortinet FortiOS HTTP Request Information Disclosure5.35.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2024-23662
13Microsoft Windows Proxy Driver erweiterte Rechte6.75.8$25k-$100k$5k-$25kUnprovenOfficial Fix0.000430.00CVE-2024-26234
14Google Chrome Networks unbekannte Schwachstelle4.34.1$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.10CVE-2024-3845
15Microsoft Edge erweiterte Rechte5.04.9$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.07CVE-2024-29991
16Google Chrome Downloads erweiterte Rechte4.34.1$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.03CVE-2024-3843
17Linux Kernel ct_act.c ip_local_out Privilege Escalation5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000450.00CVE-2024-26921
18Google Chrome QUIC Pufferüberlauf6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.10CVE-2024-3837
19Google Chrome WebAssembly Pufferüberlauf6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.00CVE-2024-3833
20Arm Bifrost GPU Kernel Driver Pufferüberlauf7.87.8$0-$5k$0-$5kNot DefinedNot Defined0.000430.09CVE-2024-1065

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP-BereichAkteurTypAkzeptanz
15.42.66.0/24Cobalt StrikeprädiktivHigh
223.154.177.0/24B1txor20prädiktivHigh
3XX.XX.XXX.X/XXXxxxxxprädiktivHigh
4XX.XXX.XXX.X/XXXxxxxxx XxxxxxxprädiktivHigh
5XX.XXX.XXX.X/XXXxxxxxxprädiktivHigh
6XX.XX.XXX.X/XXXxxxxxx XxxxxxprädiktivHigh
7XX.XXX.XXX.X/XXXxxxxx XxxxxxprädiktivHigh
8XXX.XXX.X.X/XXXxxxxxxxxprädiktivHigh
9XXX.XX.XXX.X/XXXxxxxx XxxxxxprädiktivHigh
10XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxprädiktivHigh
11XXX.XX.XXX.X/XXXxxxxxx Xxxxx XxxxxprädiktivHigh
12XXX.XX.XXX.X/XXXxxxxxxxxprädiktivHigh
13XXX.XXX.XXX.X/XXXxxxxprädiktivHigh
14XXX.XXX.XXX.X/XXXxxxxprädiktivHigh
15XXX.XXX.XXX.X/XXXxxxxxx XxxxxxprädiktivHigh
16XXX.XXX.XXX.X/XXXxxxx XxxxxxxprädiktivHigh
17XXX.XX.XX.X/XXXxxxxxxprädiktivHigh
18XXX.XXX.XXX.X/XXXxxxxprädiktivHigh

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSchwachstellenZugriffsartTypAkzeptanz
1T1006CWE-22Path TraversalprädiktivHigh
2T1055CWE-74Improper Neutralization of Data within XPath ExpressionsprädiktivHigh
3T1059CWE-94Argument InjectionprädiktivHigh
4T1059.007CWE-79, CWE-80Cross Site ScriptingprädiktivHigh
5T1068CWE-250, CWE-269, CWE-274, CWE-284Execution with Unnecessary PrivilegesprädiktivHigh
6TXXXX.XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxprädiktivHigh
7TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxprädiktivHigh
8TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxprädiktivHigh
9TXXXXCWE-XXXxx XxxxxxxxxprädiktivHigh
10TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxprädiktivHigh
11TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxprädiktivHigh
12TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxprädiktivHigh
13TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxprädiktivHigh
14TXXXX.XXXCWE-XXXXxxxxxxxxxxxprädiktivHigh
15TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxprädiktivHigh
16TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxprädiktivHigh
17TXXXXCWE-XXXXxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx XxxxxprädiktivHigh
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxprädiktivHigh
19TXXXX.XXXCWE-XXXxxxxxxxxxxxxprädiktivHigh
20TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxprädiktivHigh
21TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx XxxxxprädiktivHigh
22TXXXXCWE-XXXXxxxxxxxxxx XxxxxxprädiktivHigh

IOA - Indicator of Attack (93)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasseIndicatorTypAkzeptanz
1File/api/runs/search/run/prädiktivHigh
2File/Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=prädiktivHigh
3File/loginprädiktivLow
4File/sys/kernel/notesprädiktivHigh
5Fileandroidmanifest.xmlprädiktivHigh
6FileAp4Atom.cppprädiktivMedium
7FileAp4ByteStream.cppprädiktivHigh
8FileAp4Dec3Atom.cppprädiktivHigh
9FileAp4MdhdAtom.cppprädiktivHigh
10FileAp4Sample.hprädiktivMedium
11FileAp4StsdAtom.cppprädiktivHigh
12FileAp4Utils.cppprädiktivMedium
13Filearch/x86/kernel/fpu/core.cprädiktivHigh
14Fileasn1_common.cprädiktivHigh
15Filexxxxx/xxx-xxxxxx.xprädiktivHigh
16Filexxxxx/xxx-xx-xxx.xprädiktivHigh
17Filexxx_xxx.xxxxprädiktivMedium
18Filexxxxxx/xxxxxx_xxxxxx.xprädiktivHigh
19Filexx_xxx.xprädiktivMedium
20Filexxxxxxxxxxxxxx.xxxprädiktivHigh
21Filexxxxxxxxx.xxxprädiktivHigh
22Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx_xxxx.xprädiktivHigh
23Filexxxxxxx/xxx/xxxx/xxx.xprädiktivHigh
24Filexxxxxxx/xxxxx/xxxxxxx/xx_xxxxxxxxx.xprädiktivHigh
25Filexxxxxxx/xxxx/xxx/xxxxxx.xprädiktivHigh
26Filexxxx.xprädiktivLow
27Filexx/xxxxx/xxxx-xx.xprädiktivHigh
28Filexx/xxxxx/xxxxxxxxxxx.xprädiktivHigh
29Filexx/xxxxx/xxxx-xxx.xprädiktivHigh
30Filexx/xxxx/xxxx.xprädiktivHigh
31FilexxxxxprädiktivLow
32Filexxxxx_xxxxxxprädiktivMedium
33Filexxxxxxx/xxxxx/xxxxxxxxxxxx.xprädiktivHigh
34Filexxxxxxx/xxxxx/xxxxxx.xprädiktivHigh
35Filexxxxx.xprädiktivLow
36Filexxxxxx/xxx/xxxxxx.xprädiktivHigh
37Filexxxxxx/xxx/xxxxxxx.xprädiktivHigh
38Filexxxxxx/xxx/xxxxx.xprädiktivHigh
39Filexxxxxx/xxxx_xxxxx.xprädiktivHigh
40Filexxxxxx/xxx/xxxx.x:prädiktivHigh
41Filexxx.xprädiktivLow
42Filexxxxxxxxx.xxprädiktivMedium
43Filexxx.xprädiktivLow
44Filexx/xxxx_xxxxx.xprädiktivHigh
45Filexx/xxxxxxxx.xprädiktivHigh
46Filexxx/xxxx/xxxxxx.xprädiktivHigh
47Filexxx/xxx/xxx_xxxxxx.xprädiktivHigh
48Filexxx/xxxxxxxxxxx/xxxx.xprädiktivHigh
49Filexxx/xxxxxx/xxxxxxxxxxxxx.xprädiktivHigh
50Filexxxxx.xprädiktivLow
51Filexxxxx.xprädiktivLow
52Filexxxxxxxxx.xxxprädiktivHigh
53Filexxx.xprädiktivLow
54Filexxxxx/xxx/xxxx/xxxxx-xxx-xxx.xprädiktivHigh
55Filexxxxx_xxxx.xprädiktivMedium
56Filexxx.xprädiktivLow
57Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxprädiktivHigh
58Libraryxxxx.xxxprädiktivMedium
59Libraryxxxxxxx/xxxxx/xxxx.xprädiktivHigh
60Libraryxxxxxxx/xxx/xxxx_xxx.xprädiktivHigh
61Libraryxxx/xxx_xxxx.xprädiktivHigh
62Libraryxxx/xxxxxxxxxxxx.xprädiktivHigh
63Libraryxxx/xxxx_xxxxx.xprädiktivHigh
64Libraryxxx/xxx_xxxx.xprädiktivHigh
65Libraryxxx/xxxx_xxxxx.xprädiktivHigh
66Libraryxxx/xxxxxx.xprädiktivMedium
67Libraryxxx/xxx_xxxxxxx.xprädiktivHigh
68Libraryxxx/xxxxxxxxxxx.xprädiktivHigh
69Libraryxxx/xxxxxxxx.xprädiktivHigh
70Libraryxxxxxxxx.xxxprädiktivMedium
71Libraryxxxx.xprädiktivLow
72ArgumentxxxxxxprädiktivLow
73ArgumentxxxxprädiktivLow
74Argumentxx-xxxxxxprädiktivMedium
75Argumentxx_xxxx_xxxprädiktivMedium
76Argumentxxxxxx_xxxxprädiktivMedium
77ArgumentxxxxxxxprädiktivLow
78Argumentxx/xxx/xxxxxprädiktivMedium
79ArgumentxxxxxprädiktivLow
80Argumentxxx_xxxxxxxprädiktivMedium
81Argumentxxxxx_xxxprädiktivMedium
82ArgumentxxxxxxxprädiktivLow
83Argumentxxx_xxxxxxprädiktivMedium
84ArgumentxxxxxxprädiktivLow
85Argumentxxx_xxxxxxprädiktivMedium
86Argumentxxxxxxx_xxxxx_xxxxxxprädiktivHigh
87Argumentxx_xxxxx_xxxxxxxprädiktivHigh
88Argumentxxxx_xxxxxx_xxxxxprädiktivHigh
89ArgumentxxxxxxxprädiktivLow
90ArgumentxxxxxxxxxxxprädiktivMedium
91Argumentxxxx_xxxxxxx_xxxxprädiktivHigh
92ArgumentxxxxprädiktivLow
93Argumentxxxx/xxxxxxxxprädiktivHigh
ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!