Pykspa Analysis

IOB - Indicator of Behavior (540)

Language

es: 434
en: 102
fr: 2
de: 2

Country/Region

es: 484
us: 42
ce: 6
cn: 4

Product

Samsung Smart Phone: 20
Microsoft Windows: 14
Apple iOS: 8
Schneider Electric Modicon M340: 8
Schneider Electric Modicon M580: 8

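Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Keycloak Login privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00000 | CVE-2022-2232 |
| 2 | Boa Terminal privilege escalation | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.02395 | CVE-2009-4496 |
| 3 | polkit pkexec privilege escalation | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.03 | 0.00046 | CVE-2021-4034 |
| 4 | SnakeYAML YAML File Parser memory corruption | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00274 | CVE-2022-38752 |
| 5 | Facebook WhatsApp/WhatsApp Business/WhatsApp Desktop Call memory corruption | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00097 | CVE-2021-24042 |
| 6 | HPE Arcsight Logger Stored cross-site scripting | 5.0 | 5.1 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.00 | 0.00059 | CVE-2019-3485 |
| 7 | Technicolor TC7200.TH2v2 Credentials privilege escalation | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00406 | CVE-2018-20393 |
| 8 | Facebook WhatsApp/WhatsApp Business Video Call memory corruption | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00310 | CVE-2020-1909 |
| 9 | EmbedThis HTTP Library/Appweb httpLib.c authCondition weak authentication | 7.7 | 7.5 | $0-$5k | $0-$5k | High | Official Fix | 0.04 | 0.00927 | CVE-2018-8715 |
| 10 | Zeus Zeus Web Server memory corruption | 10.0 | 9.0 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.02 | 0.11877 | CVE-2010-0359 |
| 11 | SnakeYAML Constructor privilege escalation | 8.1 | 8.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00811 | CVE-2022-1471 |
| 12 | Velneo vClient weak authentication | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00087 | CVE-2021-45035 |
| 13 | Zyxel USG/ZyWALL weak authentication | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.08015 | CVE-2022-0342 |
| 14 | Microsoft Exchange Server Remote Code Execution | 7.3 | 6.8 | $25k-$100k | $0-$5k | Functional | Official Fix | 0.04 | 0.68382 | CVE-2021-26857 |
| 15 | Meta WhatsApp/WhatsApp Business Image Blurring memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00201 | CVE-2021-24041 |
| 16 | Acme Mini HTTPd Terminal privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00303 | CVE-2009-4490 |
| 17 | OpenSSL Stitched Ciphersuite d1_pkt.c SSL_shutdown information disclosure | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00805 | CVE-2019-1559 |
| 18 | Zeus Zeus Web Server Admin Server cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00101 | CVE-2010-0363 |
| 19 | Keycloak Account Lockout denial of service | 3.6 | 3.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00043 | CVE-2024-1722 |
| 20 | Fortinet FortiOS SSL-VPN memory corruption | 9.8 | 9.6 | $25k-$100k | $25k-$100k | High | Official Fix | 0.08 | 0.02287 | CVE-2024-21762 |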

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23 | Path Traversal | predictive | |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | |
| 4 | T1059 | CWE-94, CWE-1321 | Argument Injection | predictive | |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | |

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

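| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /.ssh/authorized_keys | predictive | |
| 2 | File | //etc/RT2870STA.dat | predictive | |
| 3 | File | /cgi-bin/luci;stok=/locale | predictive | |
| 4 | File | /cgi-bin/wapopen | predictive | |
| 5 | File | /classes/Users.php?f=save | predictive | |
| 6 | File | /HNAP1 | predictive | |
| 7 | File | /index.php | predictive | |
| 8 | File | /mgmt/tm/util/bash | predictive | |
| 9 | File | /opt/zimbra/jetty/webapps/zimbra/public | predictive | |
| 10 | File | /setSystemAdmin | predictive | |
| 11 | File | /sp/ListSp.php | predictive | |
| 12 | File | /updown/upload.cgi | predictive | |
| 13 | File | /usr/bin/pkexec | predictive | |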
| 118 | Input Value | ../.. | predictive | |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
