Lebanese Cedar Analysis

IOB - Indicator of Behavior (52)

Language

en: 46
fr: 4
de: 2

Product

Joomla CMS: 2
Adobe Digital Editions: 2
OpenJPEG: 2
Friends in War Make/Break: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | OpenSSL Pointer Arithmetic memory corruption | 9.8 | 9.6 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.13651 | CVE-2016-2177 |
| 2 | Image Sharing Script followBoard.php Error sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00000 | |
| 3 | Image Sharing Script postComment.php Stored cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00000 | |
| 4 | PHP Rental Classifieds Script sql injection | 6.3 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 5 | GeniXCMS register.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00171 | CVE-2016-10096 |
| 6 | Dreambox DM500 Web Server privilege escalation | 7.5 | 6.8 | $25k-$100k | $0-$5k | Proof-of-Concept | Workaround | 0.04 | 0.02506 | CVE-2008-3936 |
| 7 | KeystoneJS CSRF Prevention cross site request forgery | 6.5 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00232 | CVE-2017-16570 |
| 8 | Moodle Assignment Submission Page cross site scripting | 5.2 | 4.9 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.00 | 0.00076 | CVE-2017-2578 |
| 9 | Friends in War Make/Break index.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00000 | |
| 10 | Serendipity functions_entries.inc.php sql injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00144 | CVE-2017-5609 |
| 11 | Image Sharing Script searchpin.php Reflected cross site scripting | 3.5 | 3.2 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.00 | 0.00000 | |
| 12 | b2evolution javascript URL _markdown.plugin.php cross site scripting | 4.4 | 4.4 | $0-$5k | Calculating | Not Defined | Official Fix | 0.03 | 0.00078 | CVE-2017-5553 |
| 13 | Joomla CMS com_blog_calendar index.php sql injection | 6.3 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00000 | |
| 14 | IrfanView TOOLS Plugin memory corruption | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00109 | CVE-2017-9919 |
| 15 | Google Chrome File Download Malware privilege escalation | 6.4 | 6.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00706 | CVE-2018-6115 |
| 16 | Cisco Aironet 1800/Aironet 2800/Aironet 3800 SSH Account privilege escalation | 6.9 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00351 | CVE-2018-0226 |
| 17 | Microsoft Internet Explorer memory corruption | 6.0 | 5.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.14010 | CVE-2019-0940 |
| 18 | Microsoft Internet Explorer memory corruption | 7.1 | 6.8 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00704 | CVE-2017-11827 |
| 19 | PostgreSQL Query privilege escalation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00477 | CVE-2018-1058 |
| 20 | SimpleSAMLphp saml2 validateSignature denial of service | 7.8 | 7.4 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00748 | CVE-2016-9814 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 3 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (27)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/adminlogin.asp` | predictive | High |
| 2 | File | `/ajax-files/followBoard.php` | predictive | High |
| 3 | File | `/ajax-files/postComment.php` | predictive | High |
| 4 | File | `/index.php` | predictive | Medium |
| 5 | File | `/xxxxxxxxx.xxx` | predictive | High |
| 6 | File | `xxxxxx/xxxxx.x` | predictive | High |
| 7 | File | `xxxxxxx/xxxxxxxxx_xxxxxxx.xxx.xxx` | predictive | High |
| 8 | File | `xxxxx.xxx` | predictive | Medium |
| 9 | File | `xxxxxxx/xxxxxxxx_xxxxxx/_xxxxxxxx.xxxxxx.xxx` | predictive | High |
| 10 | File | `xxxxxxxx.xxx` | predictive | Medium |
| 11 | File | `xxxxxxxxxxxxx/xxxxx` | predictive | High |
| 12 | File | `xx-xxxxxxxx/xx-xxxxxxxxx.xxx` | predictive | High |
| 13 | Argument | `xxxxxxxxxx` | predictive | Medium |
| 14 | Argument | `xxxxx` | predictive | Low |
| 15 | Argument | `xxx` | predictive | Low |
| 16 | Argument | `xxxxx` | predictive | Low |
| 17 | Argument | `xxxxx` | predictive | Low |
| 18 | Argument | `xxxxx` | predictive | Low |
| 19 | Argument | `xxxx` | predictive | Low |
| 20 | Argument | `xxxxxxxx/xxxxxxxx` | predictive | High |
| 21 | Argument | `xxxxxxxx/xxxxxxxx` | predictive | High |
| 22 | Input Value | `"><xxx xxx=x xxxxxxx=xxxxxx(x)>` | predictive | High |
| 23 | Input Value | `' xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(*),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)*x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxxxx_xxxx xxxxx xx x)x) xxx 'xxxx'='xxxx` | predictive | High |
| 24 | Input Value | `'xx''='` | predictive | Low |
| 25 | Input Value | `-xxxx+xxxxx+xxx+xxxxxx+xxxx,xxxx,xxxx,xxxx,xxxxxxx(),xxxx--` | predictive | High |
| 26 | Input Value | `xxxxxxxxxx' xxx xxxx=xxxx xxx 'xxxx'='xxxx` | predictive | High |
| 27 | Input Value | `<xxx xxx=x xxxxxxx=xxxxxx(x)>` | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
