Denonia Analiza

IOB - Indicator of Behavior (105)

Oś czasu

Język

en22
pt18
it18
zh10
de10

Kraj

de106

Aktorzy

Zajęcia

Wysiłek

Oś czasu

Rodzaj

Sprzedawca

Produkt

Serpico6
PHP Scripts Mall Citysearch Clone Script2
PHP Scripts Mall Hotfrog Clone Script2
PHP Scripts Mall Gelbeseiten Clone Script2
LabVantage LIMS2

Luki w zabezpieczeniach

#Słaby punktBaseTemp0dayDzisiajWykPrzCTIEPSSCVE
1Zoom Screen Sharing information disclosure4.84.8$0-$5k$0-$5kNot DefinedNot Defined0.080.00183CVE-2021-28133
2Serpico cross site request forgery6.56.2$0-$5kObliczenieProof-of-ConceptUnavailable0.000.00073CVE-2019-19854
3TopManage OLK Session Cookie cross site scripting5.24.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00291CVE-2020-6845
4Serpico privilege escalation5.34.9$0-$5k$0-$5kNot DefinedNot Defined0.000.00084CVE-2019-19859
5BACKCLICK Professional cross site scripting4.84.7$0-$5k$0-$5kNot DefinedNot Defined0.000.00063CVE-2022-44002
6Serpico Password Change information disclosure6.45.9$0-$5k$0-$5kNot DefinedNot Defined0.000.00072CVE-2019-19857
7LabVantage LIMS Database Name information disclosure5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.03584CVE-2020-7959
8Serpico list_user Stored cross site scripting3.63.5$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00050CVE-2019-19856
9CIMTechniques CIMScan SOAP WSDL Parser GetSqlData sql injection8.48.4$0-$5k$0-$5kHighNot Defined0.000.00256CVE-2018-16803
10Serpico list_user Stored cross site scripting3.63.6$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00050CVE-2019-19855
11Jason2605 AdminPanel editPlayer.php sql injection8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00127CVE-2020-13433
12Serpico UID Stored cross site scripting3.63.5$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00050CVE-2019-19858
13QuickBox Pro cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00078CVE-2021-45281
14PHP Scripts Mall Citysearch Clone Script restaurants-details.php Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00070CVE-2019-6248
15WordPress Thumbnail privilege escalation7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.020.00990CVE-2018-1000773
16Automattic Jetpack sql injection7.37.3$0-$5kObliczenieHighUnavailable0.020.00064CVE-2011-4673
17Apache Tomcat Servlets privilege escalation5.95.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00119CVE-2018-1305

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDadres IPHostnameAktorKampanieIdentifiedRodzajPewność siebie
1116.203.4.0static.0.4.203.116.clients.your-server.deDenonia2022-04-07verifiedWysoki
2XXX.XXX.XX.XXxxxxx.xxxx.xxxx.xxXxxxxxx2022-04-07verifiedWysoki
3XXX.XX.XXX.XXx.xx.xxxxxxx.xxxXxxxxxx2022-04-07verifiedWysoki

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueLuki w zabezpieczeniachWektor dostępuRodzajPewność siebie
1T1059.007CWE-79Cross Site ScriptingpredictiveWysoki
2TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveWysoki
3TXXXXCWE-XXXxx XxxxxxxxxpredictiveWysoki
4TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveWysoki
5TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveWysoki

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasaIndicatorRodzajPewność siebie
1Fileadmin/add_user/UIDpredictiveWysoki
2Fileadmin/list_userpredictiveWysoki
3Filexxxxxxxxxxxxx.xxx?xxxxxxxxxx=xxxpredictiveWysoki
4Filexxxxxxxxxx.xxxpredictiveWysoki
5Filexxxxxxxxxxx-xxxxxxx.xxxpredictiveWysoki
6ArgumentxxxxxxpredictiveNiski
7Argumentxxxx_xxxxpredictiveMedium
8ArgumentxxxxxxpredictiveNiski
9ArgumentxxpredictiveNiski
10ArgumentxxxxpredictiveNiski
11ArgumentxxxxpredictiveNiski

Referencje (2)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!