Mispadu Analiza

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (20)

Język

de	12
en	8

Kraj

us	16
gb	2
in	2

Aktorzy

Mispadu	3
Mirai	1
Remcos	1
RedLine Stealer	1
Quasar RAT	1

Wysiłek

Rodzaj

Content Management System	6
Not Defined	4
Database Software	2
File Transfer Software	2
Operating System	2

Sprzedawca

Not Defined	8
IBM	2
ubuntu	2
Nicholas Marriott	2
Xerox	2

Produkt

SilverStripe	2
IBM DB2	2
WordPress	2
Samba	2
ubuntu Linux	2

Luki w zabezpieczeniach

#	Słaby punkt	Base	Temp	0day	Dzisiaj	Wyk	Prz	EPSS	CTI	CVE
1	Huawei ACXXXX/SXXXX SSH Packet privilege escalation	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00246	0.07	CVE-2014-8572
2	Huawei SXXX VRP MPLS LSP Ping information disclosure	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00096	0.04	CVE-2014-8570
3	Tribe29 Checkmk Livestatus Query Language privilege escalation	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2022-47909
4	Tribe29 Checkmk Agent Updater Log File information disclosure	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.04	CVE-2022-48319
5	Microsoft Windows ISATAP privilege escalation	6.5	6.2	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.06396	0.02	CVE-2010-0812
6	IBM DB2 privilege escalation	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00343	0.00	CVE-2011-1846
7	Nicholas Marriott tmux privilege escalation	5.9	5.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00051	0.00	CVE-2011-1496
8	WordPress directory traversal	5.7	5.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00326	0.04	CVE-2023-2745
9	netcf Path Expression find_ifcfg_path privilege escalation	5.9	5.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00662	0.00	CVE-2014-8119
10	Xerox Workcentre 5655 Authorization information disclosure	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00251	0.00	CVE-2010-0548
11	Xerox Workcentre 6400 Net Controller information disclosure	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00204	0.02	CVE-2010-0549
12	SilverStripe information disclosure	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01045	0.02	CVE-2010-5188
13	ubuntu Linux weak authentication	10.0	9.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00272	0.03	CVE-2010-0834
14	Red Hat Enterprise Linux privilege escalation	5.3	5.3	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00485	0.00	CVE-2010-2598
15	Drupal Form API privilege escalation	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00093	0.06	CVE-2022-25271
16	Mahara Single Sign-On weak authentication	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00450	0.02	CVE-2010-1670
17	Green Hills INTEGRITY RTOS Interpeak IPCOMShell TELNET Server memory corruption	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00308	0.00	CVE-2019-7713
18	Samba receive_smb_raw memory corruption	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.97018	0.03	CVE-2008-1105

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adres IP	Hostname	Aktor	Identified	Rodzaj	Pewność siebie
1	2.59.255.65		Mispadu	2023-07-29	verified	Wysoki
2	X.XX.XXX.XXX	xxx-x-xx-xxx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	2021-05-31	verified	Medium
3	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	2021-05-31	verified	Medium
4	XX.XXX.XX.XXX		Xxxxxxx	2024-02-16	verified	Wysoki
5	XX.XX.XX.XXX		Xxxxxxx	2021-05-31	verified	Wysoki

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klasa	Luki w zabezpieczeniach	Wektor dostępu	Rodzaj	Pewność siebie
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	Wysoki
2	TXXXX	CAPEC-10	CWE-XX	Xxxxxxxx Xxxxxxxxxxxxxx Xx Xxxx Xxxxxx Xxxxx Xxxxxxxxxxx	predictive	Wysoki
3	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
4	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Wysoki

IOA - Indicator of Attack (1)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasa	Indicator	Rodzaj	Pewność siebie
1	Argument	debug_profile	predictive	Wysoki

Referencje (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ PoprzedniPrzeglądKolejny ▸

Might our Artificial Intelligence support you?

Check our Alexa App!