DazzleSpy Análise

IOB - Indicator of Behavior (13)

Curso de tempo

Idioma

zh8
en6

País

cn14

Actores

Actividades

Interesse

Curso de tempo

Tipo

Fabricante

Produto

Apache Tomcat2
Ubiquiti EdgeMAX EdgeRouter2
osCommerce Online Merchant2
Minio Console2
Openfind Mail20002

Vulnerabilidades

#VulnerabilidadeBaseTemp0dayHojeExpMasCTIEPSSCVE
1TrueConf Server Injecção SQL8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00656CVE-2022-46764
2NotificationX Plugin SQL Statement Injecção SQL5.65.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.02414CVE-2022-0349
3AddToAny Share Buttons Plugin Image Button Setting Roteiro Cruzado de Sítios2.42.3$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00053CVE-2021-24616
4DPTech VPN Divulgação de Informação3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.010.00150CVE-2022-34593
5Apache Tomcat Request Header Divulgação de Informação5.65.6$5k-$25k$0-$5kNot DefinedNot Defined0.020.00300CVE-2020-17527
6Ganglia Ganglia-web Remote Code Execution7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.030.18799CVE-2012-3448
7Openfind Mail2000 Access Control direitos alargados6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.020.00087CVE-2020-12776
8SourceCodester Guest Management System myform.php Roteiro Cruzado de Sítios4.44.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.020.00138CVE-2022-2811
9osCommerce Online Merchant vulnerabilidade desconhecida5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00214CVE-2012-2991
10Oracle Database Oracle Application Express vulnerabilidade desconhecida5.45.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00054CVE-2020-2973
11Minio Console Operator Console Fraca autenticação8.68.5$0-$5k$0-$5kNot DefinedOfficial Fix0.020.05383CVE-2021-41266
12Ubiquiti EdgeMAX EdgeRouter Firmware Update direitos alargados8.17.7$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00359CVE-2021-22909
13Active Choices Plugin Roteiro Cruzado de Sítios3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00054CVE-2021-21616

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDEndereço IPHostnameActorCampanhasIdentifiedTipoAceitação
188.218.192.12888.218.192.128.static.xtom.comDazzleSpy05/03/2022verifiedAlto

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilidadesTipo de acessoTipoAceitação
1T1059.007CWE-79Cross Site ScriptingpredictiveAlto
2TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
3TXXXXCWE-XXXxx XxxxxxxxxpredictiveAlto
4TXXXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveAlto
5TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (3)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorTipoAceitação
1Filemyform.phppredictiveMédio
2ArgumentxxxxpredictiveBaixo
3Argumentxx_xxpredictiveBaixo

Referências (2)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!