Chalubo Analysis

IOB - Indicator of Behavior (45)

Language

en: 28
zh: 14
de: 2
ru: 2

Country

cn: 22
us: 14
de: 2
ru: 2

Product

Google Chrome: 4
Ignition Automation Ignition: 2
Forcepoint Email Security: 2
WordPress: 2
Litespeed Technologies OpenLiteSpeed: 2

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Cisco Unified Communications Manager TLS Certificate weak encryption | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00110 | 0.00 | CVE-2014-7991 |
| 2 | Mobile Device Monitoring Service API privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00151 | 0.00 | CVE-2022-0732 |
| 3 | Deltek Vision RPC over HTTP SQL sql injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00576 | 0.03 | CVE-2018-18251 |
| 4 | Kerio Connect/Connect Client Desktop Application E-Mail Preview privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00185 | 0.05 | CVE-2017-7440 |
| 5 | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00082 | 0.05 | CVE-2024-0518 |
| 6 | Google Chrome V8 information disclosure | 7.5 | 7.4 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00179 | 0.04 | CVE-2024-0519 |
| 7 | Fortinet FortiWeb Authorization Header sql injection | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00131 | 0.05 | CVE-2020-29015 |
| 8 | Ignition Automation Ignition JavaSerializationCodec privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.03 | CVE-2023-39476 |
| 9 | QNAP QTS Photo Station privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | High | Official Fix | 0.96341 | 0.06 | CVE-2019-7192 |
| 10 | Hikvision Hybrid SAN Web Module privilege escalation | 8.2 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.26770 | 0.03 | CVE-2022-28171 |
| 11 | Synacor Zimbra Collaboration mboximport directory traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | High | Official Fix | 0.94758 | 0.00 | CVE-2022-27925 |
| 12 | Gitblit directory traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00773 | 0.00 | CVE-2022-31268 |
| 13 | Open Webmail openwebmail-main.pl cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00249 | 0.00 | CVE-2007-4172 |
| 14 | Johannes Sixt Kdbg .kdbgrc privilege escalation | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2003-0644 |
| 15 | Litespeed Technologies OpenLiteSpeed Web Server Dashboard directory traversal | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.04 | CVE-2022-0072 |
| 16 | Dovecot Quoted String buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61388 | 0.04 | CVE-2019-11500 |
| 17 | MODX CMS modRestServiceRequest XML External Entity | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00236 | 0.00 | CVE-2020-25911 |
| 18 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00435 | 0.05 | CVE-2021-44026 |
| 19 | Valmet DNA Service Port 1517 privilege escalation | 9.3 | 9.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00154 | 0.00 | CVE-2021-26726 |
| 20 | WordPress URL privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00712 | 0.00 | CVE-2019-17670 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

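| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 103.27.185.139 | | Chalubo | | 2022-01-24 | verified | Medium |
| 2 | XXX.XX.XXX.XX | | Xxxxxxx | | 2022-01-24 | verified | Medium |
| 3 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 2024-05-30 | verified | High |
| 4 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 2024-05-30 | verified | High |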

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .kdbgrc | predictive | Low |
| 2 | File | /resources//../ | predictive | High |
| 3 | File | /xxxxxxx/ | predictive | Medium |
| 4 | File | xxxxxxxx/xxxxxxxxxx/xxxxx-xx-xxxxxxxxx-xxxxxxxx.xxx | predictive | High |
| 5 | File | xxxxx.xxx | predictive | Medium |
| 6 | File | xxxxxxxxxxx-xxxx.xx | predictive | High |
| 7 | File | xxxx.xx.xx | predictive | Medium |
| 8 | Argument | xxxxxx_xxxxx_xxx | predictive | High |
| 9 | Argument | xxx | predictive | Low |
| 10 | Argument | xxxxxx/xxxxxx_xxxxxx | predictive | High |
| 11 | Input Value | xxxx/xxxxx/xxxxxxxx/xxxxxxx/xx/xxxxxxx/xxxxxxxxxx/xx_xxxx | predictive | High |
| 12 | Input Value | \x | predictive | Low |
| 13 | Network Port | xxxxx | predictive | Low |
| 14 | Network Port | xxx/xx (xxx) | predictive | Medium |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
