Chalubo Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (6)

Язык

en	4
zh	2

Страна

cn	2

Акторы

Chalubo	1

Интерес

Тип

Unified Communication Software	2
Smartphone Operating System	2

Поставщик

Cisco	2
Not Defined	2

Продукт

Cisco Unified Communications Manager	2
Mobile Device Monitoring Service	2

Уязвимости

#	Уязвимости	Base	Temp	0day	Сегодня	Э�	Rem	EPSS	CTI	CVE
1	Cisco Unified Communications Manager TLS Certificate слабое шифрование	5.3	4.6	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00110	0.00	CVE-2014-7991
2	Mobile Device Monitoring Service API эскалация привилегий	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00151	0.04	CVE-2022-0732
3	Valmet DNA Service Port 1517 эскалация привилегий	9.3	9.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00156	0.00	CVE-2021-26726
4	Apache Sling Sling.evalString межсайтовый скриптинг	5.2	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00238	0.00	CVE-2017-9802

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-адрес	Hostname	Актор	Кампании	Identified	Тип	Уверенность
1	103.27.185.139		Chalubo		24.01.2022	verified	Высокий
2	XXX.XX.XXX.XX		Xxxxxxx		24.01.2022	verified	Высокий

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Класс	Уязвимости	Вектор доступа	Тип	Уверенность
1	T1059.007	CAPEC-10	CWE-74, CWE-79, CWE-707	Cross Site Scripting	predictive	Высокий
2	TXXXX	CAPEC-19	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
3	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Высокий
4	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Высокий

IOA - Indicator of Attack (1)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Класс	Indicator	Тип	Уверенность
1	Argument	SAN	predictive	Низкий

Ссылки (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ ПредыдущийОбзорДалее ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!