Torii Analysis

IOB - Indicator of Behavior (146)

Language: en (90), it (42), fr (14)

Country: us (146)

Product: GitLab Community Edition (8), Google Android (6), Apple macOS (6), Mozilla Firefox (4), Apple tvOS (4)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS WebDAV ScStoragePathFromUrl Immortal/ExplodingCan memory corruption | 8.5 | 8.4 | $25k-$100k | $0-$5k | High | Official Fix | 0.04 | 0.97121 | CVE-2017-7269 |
| 2 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00263 | CVE-2009-2814 |
| 3 | Ghostscript JBIG2 Image jbig2_decode_gray_scale_image memory corruption | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00184 | CVE-2016-9601 |
| 4 | Apple watchOS WebKit memory corruption | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00627 | CVE-2017-7165 |
| 5 | IBM Rational License Key Server Administration/Reporting Tool information disclosure | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2015-5045 |
| 6 | Eaton ELCSoft privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00604 | CVE-2018-7511 |
| 7 | Mozilla Firefox memory corruption | 8.0 | 7.7 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00768 | CVE-2018-5145 |
| 8 | Amazon Music Player privilege escalation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02593 | CVE-2018-1169 |
| 9 | GNU binutils libbfd coffgen.c coff_pointerize_aux privilege escalation | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00861 | CVE-2018-7208 |
| 10 | Microsoft Power BI Report Server cross site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00168 | CVE-2019-1332 |
| 11 | Siemens Mendix Forgot Password information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00047 | CVE-2023-27464 |
| 12 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 6.37 | 0.01009 | CVE-2006-6168 |
| 13 | SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00135 | CVE-2023-2090 |
| 14 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.58 | 0.00943 | CVE-2010-0966 |
| 15 | Indexu suggest_category.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00000 | |
| 16 | MilliScripts register.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00518 | CVE-2005-4161 |
| 17 | AlstraSoft AskMe Pro forum_answer.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 18 | Linux Kernel FXSAVE x87 Register weak encryption | 4.3 | 3.9 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.02 | 0.00101 | CVE-2006-1056 |
| 19 | Phorum register.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00184 | CVE-2004-2110 |
| 20 | Expinion.net News Manager Lite comment_add.asp cross site scripting | 4.3 | 3.8 | $0-$5k | Calculating | Unproven | Official Fix | 0.02 | 0.00607 | CVE-2004-1845 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 66.85.157.90 | ip-66-85-157-90.billpaysolution.com | Torii | | 2022-03-27 | verified | High |
| 2 | XXX.XXX.XXX.XX | xxxxxx.xxxxxxxxxxx.xxx | Xxxxx | | 2022-03-27 | verified | High |
| 3 | XXX.XXX.XXX.XX | xxxxxx.xxxxxxxxxxx.xxx | Xxxxx | | 2022-03-27 | verified | High |
| 4 | XXX.XX.XX.XX | xxxxxx.xxxxxxxxxxxxxxxxxxxx.xxx | Xxxxx | | 2022-03-27 | verified | High |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |

IOA - Indicator of Attack (53)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/index.php | predictive | High |
| 2 | File | /admin/maintenance/view_designation.php | predictive | High |
| 3 | File | /cgi-bin/cgiServer.exx | predictive | High |
| 4 | File | add_vhost.php | predictive | High |
| 5 | File | adv2.php?action=modify | predictive | High |
| 6 | File | asm/float.c | predictive | Medium |
| 7 | File | asm/nasm.c | predictive | Medium |
