Sednit Analysis

IOB - Indicator of Behavior (93)

Language

  • en: 68
  • de: 10
  • es: 10
  • ru: 4
  • sv: 2

Country/Region

  • us: 44
  • ru: 12
  • gb: 6
  • es: 6
  • de: 4

Product

  • Apache HTTP Server: 6
  • Piwigo: 4
  • Apple macOS: 4
  • Microsoft IIS: 4
  • Microsoft Windows: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Apple macOS Sudo memory corruption | 6.5 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.97085 | CVE-2021-3156 |
| 2 | Microsoft IIS FastCGI memory corruption | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.28264 | CVE-2010-2730 |
| 3 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00548 | CVE-2017-0055 |
| 4 | Apache HTTP Server mod_cgid denial of service | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.31292 | CVE-2014-0231 |
| 5 | Drupal SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00 | 0.00135 | CVE-2008-2999 |
| 6 | MariaDB init_expr_cache_tracker memory corruption | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00095 | CVE-2022-32083 |
| 7 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.61 | 0.01009 | CVE-2006-6168 |
| 8 | Django Admin Interface debug.py cross-site scripting | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00370 | CVE-2016-6186 |
| 9 | Mendelson OFTP2 Upload Directory directory traversal | 4.6 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00090 | CVE-2022-27906 |
| 10 | Cisco IP Phone 6800/IP Phone 7800/IP Phone 8800 denial of service | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00172 | CVE-2023-20079 |
| 11 | Cisco IP Phone 6800/IP Phone 7800/IP Phone 8800 privilege escalation | 9.8 | 9.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00327 | CVE-2023-20078 |
| 12 | Serendipity exit.php privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00000 | |
| 13 | Bitrix Site Manager redirect.php privilege escalation | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00 | 0.00113 | CVE-2008-2052 |
| 14 | OpenBB read.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00250 | CVE-2005-1612 |
| 15 | PHPWind goto.php Redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00348 | CVE-2015-4134 |
| 16 | eSyndicat Directory Software suggest-listing.php cross-site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | 0.00000 | |
| 17 | iRZ RUH2 Firmware Patch weak authentication | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00226 | CVE-2016-2309 |
| 18 | Joomla SQL injection | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00142 | CVE-2022-23797 |
| 19 | SnakeYAML YAML File memory corruption | 3.1 | 3.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00102 | CVE-2022-41854 |
| 20 | Arista EOS eAPI weak authentication | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00269 | CVE-2021-28503 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Sednit

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (46)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (3)

The following list contains external sources which discuss the actor and the associated activities:
