Sector: Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 358
Microsoft Windows: 70
Foxit PDF Reader: 48
Google Chrome: 28
Juniper Junos OS: 28

Remediation

Official Fix: 864
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 124

Exploitability

High: 4
Functional: 2
Proof-of-Concept: 42
Unproven: 100
Not Defined: 842

Access Vector

Not Defined: 0
Physical: 8
Local: 148
Adjacent: 398
Network: 436

Authentication

Not Defined: 0
High: 82
Low: 604
None: 304

User Interaction

Not Defined: 0
Required: 206
None: 784

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 26
≤4: 94
≤5: 242
≤6: 282
≤7: 156
≤8: 138
≤9: 48
≤10: 4

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 26
≤4: 104
≤5: 236
≤6: 386
≤7: 112
≤8: 110
≤9: 12
≤10: 4

VulDB

≤1: 0
≤2: 0
≤3: 34
≤4: 114
≤5: 234
≤6: 264
≤7: 162
≤8: 142
≤9: 36
≤10: 4

NVD

≤1: 990
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 714
≤2: 2
≤3: 4
≤4: 18
≤5: 48
≤6: 64
≤7: 40
≤8: 66
≤9: 26
≤10: 8

Vendor

≤1: 884
≤2: 0
≤3: 0
≤4: 0
≤5: 6
≤6: 8
≤7: 12
≤8: 46
≤9: 34
≤10: 0

0-day Exploit

<1k: 26
<2k: 208
<5k: 36
<10k: 444
<25k: 158
<50k: 96
<100k: 22
≥100k: 0

Exploit Today

<1k: 346
<2k: 236
<5k: 224
<10k: 106
<25k: 72
<50k: 6
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 572
de: 136
ja: 100
ru: 58
fr: 44

Country/Region

us: 246
de: 110
jp: 108
ru: 78
gb: 64

Actor

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 26
Linux Kernel: 24
Google Chrome: 12
cym1102 nginxWebUI: 8
Tormach xsTECH CNC Router: 8

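Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | GNU C Library iconv memory corruption | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 4.09 | CVE-2024-2961 |
| 2 | Vesystem Cloud Desktop fileupload2.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.06 | CVE-2024-3804 |
| 3 | Vesystem Cloud Desktop fileupload.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.91 | CVE-2024-3803 |
| 4 | PHP proc_open privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.39 | CVE-2024-1874 |
| 5 | PHP password_verify unknown vulnerability | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 1.21 | CVE-2024-3096 |
| 6 | PHP Cookie privilege escalation | 5.6 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 1.03 | CVE-2024-2756 |
| 7 | Backdoor.Win32.Dumador.c FTP Server memory corruption | 6.3 | 5.6 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 0.53 | |
| 8 | mysql2 readCodeFor privilege escalation | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.71 | CVE-2024-21511 |
| 9 | PHP mb_encode_mimeheader denial of service | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.46 | CVE-2024-2757 |
| 10 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.93657 | 0.60 | CVE-2024-3400 |
| 11 | PuTTY ECDSA Nonce Generation information disclosure | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.43 | CVE-2024-31497 |
| 12 | Tormach xsTECH CNC Router Commands denial of service | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.07 | CVE-2024-22815 |
| 13 | Oracle VM VirtualBox Core Local Privilege Escalation | 7.8 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.32 | CVE-2024-21111 |
| 14 | Google Chrome QUIC memory corruption | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00059 | 0.28 | CVE-2024-3837 |
| 15 | OpenStack Storlets yoga-eom gateway.py memory corruption | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.21 | CVE-2024-28717 |
| 16 | IBM QRadar Suite Software/Cloud Pak for Security Web UI cross-site scripting | 4.4 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.32 | +CVE-2023-47731 |
| 17 | Google Chrome Downloads memory corruption | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00059 | 0.24 | CVE-2024-3834 |
| 18 | Node.js child_process.spawn privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.32 | CVE-2024-27980 |
| 19 | Oracle MySQL Connectors denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.25 | CVE-2024-21090 |
| 20 | Welotec SMART EMS/VPN Security Suite privilege escalation | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.28 | +CVE-2024-3911 |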

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-25, CWE-35 | Path Traversal | predictive | |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | |
| 6 | T1068 | CAPEC-104 | CWE-250, CWE-269, CWE-274, CWE-284 | Execution with Unnecessary Privileges | predictive | |

IOA - Indicator of Attack (138)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

