Settore Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Sequenza temporale

Fornitore

Linux310
Microsoft138
Not Defined60
Google46
Foxit46

Prodotto

Linux Kernel310
Microsoft Windows102
Foxit PDF Reader46
Microsoft SQL Server26
Google Android22

Contromisure

Official Fix770
Temporary Fix0
Workaround0
Unavailable0
Not Defined108

Sfruttabilità

High8
Functional0
Proof-of-Concept24
Unproven128
Not Defined718

Accesso al vettore

Not Defined0
Physical10
Local140
Adjacent356
Network372

Autenticazione

Not Defined0
High44
Low532
None302

Interazione dell'utente

Not Defined0
Required204
None674

C3BM Index

CVSSv3 Base

≤10
≤20
≤316
≤478
≤5160
≤6292
≤7156
≤8118
≤950
≤108

CVSSv3 Temp

≤10
≤20
≤316
≤484
≤5166
≤6384
≤7130
≤882
≤98
≤108

VulDB

≤10
≤22
≤318
≤4102
≤5166
≤6280
≤7144
≤8110
≤950
≤106

NVD

≤1878
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1704
≤20
≤32
≤42
≤512
≤640
≤736
≤848
≤924
≤1010

Fornitore

≤1742
≤20
≤30
≤40
≤52
≤68
≤720
≤870
≤936
≤100

Exploiter 0 giorni

<1k20
<2k188
<5k42
<10k348
<25k140
<50k118
<100k22
≥100k0

Exploiter aujourd'hui

<1k304
<2k234
<5k144
<10k80
<25k114
<50k2
<100k0
≥100k0

Sfrutta il volume del mercato

IOB - Indicator of Behavior (1000)

Sequenza temporale

Linguaggio

en830
de54
ja34
fr24
zh22

Nazione

us200
de68
gb42
jp38
fr24

Attori

Sandworm6
Mirai4
RedLine Stealer3
AsyncRAT3
Cobalt Strike2

Attività

Interesse

Sequenza temporale

Genere

Router Operating System22
Programming Language Software14
Operating System12
Project Management Software8
Web Server8

Fornitore

Juniper22
Not Defined12
Microsoft10
code-projects8
cym11028

Prodotto

Juniper Junos OS18
cym1102 nginxWebUI8
Juniper Junos OS Evolved8
SourceCodester PHP Task Management System8
Microsoft Windows6

Vulnerabilità

#VulnerabilitàBaseTemp0dayOggiSfrConEPSSCTICVE
1Palo Alto Networks PAN-OS GlobalProtect escalazione di privilegi8.98.7$0-$5k$0-$5kHighOfficial Fix0.0004310.00CVE-2024-3400
2cym1102 nginxWebUI upload escalazione di privilegi4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000005.16CVE-2024-3736
3cym1102 nginxWebUI saveCmd handlePath autenticazione debole7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.95CVE-2024-3738
4cym1102 nginxWebUI upload escalazione di privilegi6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.82CVE-2024-3739
5cym1102 nginxWebUI addOver findCountByQuery directory traversal6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.57CVE-2024-3737
6cym1102 nginxWebUI reload exec escalazione di privilegi6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.38CVE-2024-3740
7PHPGurukul Small CRM Registration Page sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.25CVE-2024-3691
8Xiamen Four-Faith RMP Router Management Platform sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000002.64CVE-2024-3688
9PHP proc_open escalazione di privilegi7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000001.61-CVE-2024-1874
10PHP password_verify vulnerabilità sconosciuta3.73.4$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.000001.47-CVE-2024-3096
11PHPGurukul Small CRM Change Password sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.35CVE-2024-3690
12PHP Cookie escalazione di privilegi5.65.1$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.000001.16-CVE-2024-2756
13Linux Kernel amdkfd kzalloc buffer overflow5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000001.02CVE-2024-26817
14PHP mb_encode_mimeheader denial of service5.34.8$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.000001.02-CVE-2024-2757
15Node.js child_process.spawn escalazione di privilegi5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.77CVE-2024-27980
16Microsoft Windows DNS Server buffer overflow7.26.3$25k-$100k$5k-$25kUnprovenOfficial Fix0.000430.38CVE-2024-26223
17SourceCodester PHP Task Management System edit-task.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.38CVE-2024-3225
18Juniper cRPD/Juniper Cloud Native Router SSH crittografia debole8.17.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.62CVE-2024-30407
19mysql2 readCodeFor escalazione di privilegi8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.26CVE-2024-21508
20Apache HTTP Server escalazione di privilegi5.35.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000430.13CVE-2023-38709

IOC - Indicator of Compromise (32)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAttoreGenereFiducia
15.255.115.0/24IcedIDpredictiveAlto
231.42.185.0/24Saint BotpredictiveAlto
345.141.215.0/24RedLine StealerpredictiveAlto
447.103.66.0/24Cobalt StrikepredictiveAlto
5XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
6XX.XXX.XX.X/XXXxxxxpredictiveAlto
7XX.XXX.XX.X/XXXxxxxpredictiveAlto
8XX.XX.XXX.X/XXXxxxxxxxxxpredictiveAlto
9XX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
10XX.XX.XX.X/XXXxxxxxpredictiveAlto
11XXX.XX.XX.X/XXXxxxxxx Xxxxx XxxxxpredictiveAlto
12XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
13XXX.XXX.XXX.X/XXXxxxxxpredictiveAlto
14XXX.XX.XXX.X/XXXxxxxpredictiveAlto
15XXX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
16XXX.XX.XX.X/XXXxxxx XxxpredictiveAlto
17XXX.XXX.X.X/XXXxxxxx XxxxxxpredictiveAlto
18XXX.XXX.XX.X/XXXxxxxx XxxxxxpredictiveAlto
19XXX.XXX.XX.X/XXXxxxxpredictiveAlto
20XXX.XXX.XX.X/XXXxxxxxpredictiveAlto
21XXX.XXX.XXX.X/XXXxxxxxxxxxxxpredictiveAlto
22XXX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
23XXX.XX.XX.X/XXXxxxxpredictiveAlto
24XXX.XX.XXX.X/XXXxxxxxxxxxxpredictiveAlto
25XXX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
26XXX.XXX.XXX.X/XXXxxxpredictiveAlto
27XXX.XXX.XXX.X/XXXxxxx XxxxxxxpredictiveAlto
28XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
29XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
30XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
31XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
32XXX.XXX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitàAccesso al vettoreGenereFiducia
1T1006CWE-22, CWE-23, CWE-25, CWE-35Path TraversalpredictiveAlto
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CWE-94, CWE-1321Argument InjectionpredictiveAlto
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
6TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveAlto
8TXXXX.XXXCWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
9TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
10TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
11TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
12TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveAlto
13TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
14TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
15TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
16TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveAlto
17TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveAlto
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
20TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
21TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
22TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
23TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
24TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (130)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorGenereFiducia
1File/adminPage/conf/reloadpredictiveAlto
2File/adminPage/conf/saveCmdpredictiveAlto
3File/adminPage/main/uploadpredictiveAlto
4File/adminPage/www/addOverpredictiveAlto
5File/cart.phppredictiveMedia
6File/description.phppredictiveAlto
7File/Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=predictiveAlto
8File/etc/passwdpredictiveMedia
9File/index.phppredictiveMedia
10File/loginpredictiveBasso
11File/Product.phppredictiveMedia
12File/sys/kernel/notespredictiveAlto
13Fileactivate_jet_details_form_handler.phppredictiveAlto
14Fileadd-vehicle.phppredictiveAlto
15Fileadmin-manage-user.phppredictiveAlto
16Fileadmin-password-change.phppredictiveAlto
17Fileadmin/books/controller.phppredictiveAlto
18Fileadmin/books/deweydecimal.phppredictiveAlto
19Filexxxxx/xxxxx/xxxxx.xxxpredictiveAlto
20Filexxxxx/xxxxxxxx/xxxxx.xxxpredictiveAlto
21Filexxxxx/xxxxx.xxxpredictiveAlto
22Filexxxxx/xxxxx/xxxxxxxxxx.xxxpredictiveAlto
23Filexxxxxxx/xxx/xxxx/xxxx/xx/xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxx.xxpredictiveAlto
24Filexxxx/xxx/xxxxxx/xxx/xxxx.xpredictiveAlto
25Filexxxx_xxxxxx.xpredictiveAlto
26Filexxxxxxxxxx-xxxx.xxxpredictiveAlto
27Filexxxxx/xxx-xxxxxx.xpredictiveAlto
28Filexxxxx/xxx-xx-xxx.xpredictiveAlto
29Filexxx_xxx.xxxxpredictiveMedia
30Filexxxx_xxxxxxx.xxpredictiveAlto
31Filexxxxxxxxxxxxxx.xxxpredictiveAlto
32Filexxxxxxxxx.xxxpredictiveAlto
33Filexxxxxxx.xxxpredictiveMedia
34Filexxxxxxx/xxxxx/xxxxxxx/xx_xxxxxxxxx.xpredictiveAlto
35Filexxxxxxx/xxxx/xxx/xxxxxx.xpredictiveAlto
36Filexxxx.xpredictiveBasso
37Filexxxx-xxxx.xxxpredictiveAlto
38Filexx/xxxxx/xxxx-xx.xpredictiveAlto
39Filexx/xxxxx/xxxxxxxxxxx.xpredictiveAlto
40Filexx/xxxxx/xxxx-xxx.xpredictiveAlto
41Filexx/xxxx/xxxx.xpredictiveAlto
42FilexxxxxpredictiveBasso
43Filexxxxx_xxxxxxpredictiveMedia
44Filexx/xxx/xxx_xx_xxx.xpredictiveAlto
45Filexxxxxxx/xxxxx/xxxxxx.xpredictiveAlto
46Filexxxxx.xpredictiveBasso
47Filexxxxxx/xxx/xxxxxxx.xpredictiveAlto
48Filexxxxxx/xxx/xxxxx.xpredictiveAlto
49Filexxxxxx/xxx/xxxx.x:predictiveAlto
50Filexxx.xpredictiveBasso
51Filexxxxxxxxx.xxpredictiveMedia
52Filexxx.xpredictiveBasso
53Filexxxxxxx/xxxxxx.xxxpredictiveAlto
54Filexx/xxxx_xxxxx.xpredictiveAlto
55Filexx/xxxxxxxx.xpredictiveAlto
56Filexxx/xxxx/xxx.xpredictiveAlto
57Filexxx/xxxx/xxxxxx.xpredictiveAlto
58Filexxx/xxx/xxx_xxxxxx.xpredictiveAlto
59Filexxx/xxxxxxxxxxx/xxxx.xpredictiveAlto
60Filexxx/xxxxxx/xxxxxxxxxxxxx.xpredictiveAlto
61Filexxxxx.xpredictiveBasso
62Filexxxxx.xpredictiveBasso
63Filexxxxxxxxx.xxxpredictiveAlto
64Filexxxxx/xxx/xxxx/xxxxx-xxx-xxx.xpredictiveAlto
65Filexxxx-xxxxxxx.xxxpredictiveAlto
66Filexxxx_xxxxxx.xxpredictiveAlto
67Filexxx.xpredictiveBasso
68Filexxxxxx-xxxxx.xxxpredictiveAlto
69Filexxxxxx-xxxxxxxx.xxxpredictiveAlto
70Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxpredictiveAlto
71File_xxxxxxxxxx.xpredictiveAlto
72Libraryxxxx/xxx/xxxxxxx/xxx/xxxx.xpredictiveAlto
73Libraryxxxx.xxxpredictiveMedia
74Libraryxxxxxxx/xxxxx/xxxx.xpredictiveAlto
75Libraryxxxxxxx/xxx/xxxx_xxx.xpredictiveAlto
76Libraryxxx/xxx_xxxx.xpredictiveAlto
77Libraryxxx/xxxxxxxxxxxx.xpredictiveAlto
78Libraryxxx/xxxx_xxxxx.xpredictiveAlto
79Libraryxxx/xxx_xxxx.xpredictiveAlto
80Libraryxxx/xxxpredictiveBasso
81Libraryxxx/xxxxxxxxxxx.xpredictiveAlto
82Libraryxxxxxxxx.xxxpredictiveMedia
83Libraryxxxx.xpredictiveBasso
84ArgumentxxxxxxpredictiveBasso
85Argumentxxxxx_xxpredictiveMedia
86ArgumentxxxxpredictiveBasso
87ArgumentxxxxpredictiveBasso
88ArgumentxxxxxxxxxxxxxxxxpredictiveAlto
89Argumentxxxxxxxxxxxxx/xxxxxxxxxpredictiveAlto
90Argumentxx-xxxxxxpredictiveMedia
91ArgumentxxxxxxxxpredictiveMedia
92ArgumentxxxxxxxxpredictiveMedia
93Argumentxx_xxxx_xxxpredictiveMedia
94ArgumentxxxxxxxxxxxpredictiveMedia
95ArgumentxxxpredictiveBasso
96Argumentxxxxxxx_xxxxpredictiveMedia
97ArgumentxxxxpredictiveBasso
98Argumentxxxxxx_xxxxpredictiveMedia
99ArgumentxxxxxxxpredictiveBasso
100Argumentx_xxxxpredictiveBasso
101ArgumentxxxxpredictiveBasso
102ArgumentxxpredictiveBasso
103ArgumentxxpredictiveBasso
104ArgumentxxxxxpredictiveBasso
105Argumentxxx_xxpredictiveBasso
106Argumentxxxxx_xxxpredictiveMedia
107ArgumentxxxxxxxpredictiveBasso
108ArgumentxxxxxxxxpredictiveMedia
109ArgumentxxxxxxxxxpredictiveMedia
110Argumentxxx_xxxxxxpredictiveMedia
111Argumentxxx.xxpredictiveBasso
112ArgumentxxxxxxpredictiveBasso
113Argumentxxx_xxxxxxpredictiveMedia
114Argumentxx_xxxxx_xxxxxxxpredictiveAlto
115Argumentxxxx_xxxxxx_xxxxxpredictiveAlto
116ArgumentxxxxxxxpredictiveBasso
117ArgumentxxxxxxxpredictiveBasso
118Argumentxxxxxxxx/xxxxxxpredictiveAlto
119ArgumentxxxxxxxxxxxpredictiveMedia
120Argumentxxxx_xxxxxxx_xxxxpredictiveAlto
121ArgumentxxxxpredictiveBasso
122Argumentxxxx/xxxxxxxxpredictiveAlto
123Argumentxxxx_xxpredictiveBasso
124Argumentxxxxxx xxxxxpredictiveMedia
125Argumentxxxxxxxx/xxxxxxxx/xxxxx_xxxxxxxx/xxxxx_xxxxxxxxpredictiveAlto
126Argumentxxxx_xxxxxpredictiveMedia
127Argumentxxxx_xxpredictiveBasso
128Argumentxxxx_xxxxpredictiveMedia
129ArgumentxxxxxpredictiveBasso
130Argumentx-xxxxxxxxx-xxxpredictiveAlto
PrecedenteVisione D'insiemeIl prossimo

Do you need the next level of professionalism?

Upgrade your account now!