Lumma Analysis

IOB - Indicator of Behavior (260)

Language

en: 206
ru: 38
es: 8
zh: 4
pt: 2

Country

us: 70
ru: 42
de: 24
cn: 4
es: 2

Product

Microsoft Windows: 26
Transsoft Broker FTP Server: 4
Microsoft IIS: 4
Microsoft Exchange Server: 4
Max Feoktistov Small HTTP Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | mailcow Sync Job privilege escalation | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00174 | CVE-2023-26490 |
| 2 | Papoo kontakt.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00000 | |
| 3 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.3 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.00061 | CVE-2023-36439 |
| 4 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.3 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.04 | 0.00056 | CVE-2023-36050 |
| 5 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.3 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00056 | CVE-2023-36035 |
| 6 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.3 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.04 | 0.00056 | CVE-2023-36039 |
| 7 | iGamingModules flashgames game.php sql injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00280 | CVE-2008-10003 |
| 8 | Netgate pfSense Plus/pfSense CE SSHGuard privilege escalation | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00212 | CVE-2023-27100 |
| 9 | Open Networking Foundation ONOS API Documentation Dashboard cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00063 | CVE-2023-24279 |
| 10 | mailcow Sync Job privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00520 | CVE-2022-31245 |
| 11 | Sentry information disclosure | 6.2 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00059 | CVE-2023-39349 |
| 12 | fastify-swagger-ui privilege escalation | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00052 | CVE-2024-22207 |
| 13 | Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect memory corruption | 8.9 | 8.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00608 | CVE-2022-47939 |
| 14 | insyde H2OFFT/H2OOAE/H2OUVE/H2OPCM/H2OELV Access Control privilege escalation | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00044 | CVE-2019-12532 |
| 15 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.63 | 0.00000 | |
| 16 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 6.79 | 0.01009 | CVE-2006-6168 |
| 17 | OFCMS update.json cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00072 | CVE-2022-29653 |
| 18 | knockout cross site scripting | 6.1 | 6.0 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00112 | CVE-2019-14862 |
| 19 | ThinkPHP Adapter.php privilege escalation | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00389 | CVE-2021-36564 |
| 20 | Adminer privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00142 | CVE-2021-43008 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |

IOA - Indicator of Attack (144)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/admin/admin.php` | predictive | High |
| 2 | File | `/admin/comn/service/update.json` | predictive | High |
| 3 | File | `/admin/index.php?id=themes&action=edit_template&filename=blog` | predictive | High |
| 4 | File | `/api/0/api-tokens/` | predictive | High |
| 5 | File | `/api/profile` | predictive | Medium |
| 6 | File | `/filemanager/php/connector.php` | predictive | High |
| 7 | File | `/forum/PostPrivateMessage` | predictive | High |
| 8 | File | `/pages.php` | predictive | Medium |
| 9 | File | `/pages/processlogin.php` | predictive | High |
| 10 | File | `/tmp` | predictive | Low |
| 11 | File | `admin.cgi` | predictive | Medium |
| 12 | File | `admin/?page=system_info` | predictive | High |
| 13 | File | `admin/adminlogin.php` | predictive | High |
| 14 | File | `admin/gallery.php` | predictive | High |
| 15 | File | `admin\posts\view_post.php` | predictive | High |
| 16 | File | `article.php` | predictive | Medium |
| 17 | File | `articles.php` | predictive | Medium |
| 18 | File | `bb-hist.sh/bb-histlog.sh/bb-hostsvc.sh/bb-rep.sh/bb-replog.sh/bb-ack.sh` | predictive | High |

References (5)

The following list contains external sources which discuss the actor and the associated activities:
