SpeakUp Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (109)

Tidslinje

Lang

en104
fr4
pl2

Land

us24
cn6
ie4
fr2
nl2

Skådespelare

SpeakUp3
Cobalt Strike2
Agrius1
Bashlite1
Mirai1

Aktiviteter

Intressera

Tidslinje

Typ

Not Defined48
Bug Tracking Software8
Operating System6
Smartphone Operating System6
WordPress Plugin4

Säljare

Not Defined38
Microsoft6
Google6
Atlassian6
HP4

Produkt

Atlassian JIRA6
Microsoft Windows4
Netgear RBK7524
Rumpus FTP Server4
Google Android4

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash informationsgivning5.35.2$5k-$25k$0-$5kHighWorkaround0.020160.02CVE-2007-1192
2Rittal PDU-3C002DEC/CMCIII-PU-9333E0FB privilegier eskalering7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.001710.00CVE-2020-11953
3SmarterTools SmarterMail Email Stored cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000840.00CVE-2019-7211
4Backdoor.Win32.Psychward.b Service Port 8888 svag autentisering7.36.4$0-$5k$0-$5kProof-of-ConceptWorkaround0.000000.04
5Echelon SmartServer 1/SmartServer 2/i.LON 100/i.LON 600 svag autentisering8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.002050.00CVE-2018-8859
6Cybozu Garoon privilegier eskalering5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000820.00CVE-2022-27661
7GitLab Community Edition/Enterprise Edition Rrunner Jobs API privilegier eskalering4.34.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000810.00CVE-2022-2227
8Barco TransForm N Control Room Management Suite Web Application cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000780.00CVE-2022-26974
9BigBlueButton Chat Message informationsgivning5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000690.00CVE-2022-29232
10wolfSSL BASE64 PEM File Decoding informationsgivning2.22.2$0-$5k$0-$5kNot DefinedNot Defined0.000630.00CVE-2021-24116
11Google Go IP Address net.ParseCIDR privilegier eskalering7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.002260.00CVE-2021-29923
12Camunda Modeler IPC Message writeFile privilegier eskalering7.07.0$0-$5k$0-$5kNot DefinedNot Defined0.008710.02CVE-2021-28154
13cocoapods-downloader privilegier eskalering6.86.7$0-$5k$0-$5kNot DefinedOfficial Fix0.001310.00CVE-2022-21223
14Deno privilegier eskalering8.68.5$0-$5k$0-$5kNot DefinedOfficial Fix0.001970.00CVE-2022-24783
15Rockwell Automation ISaGRAF Runtime privilegier eskalering5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.000450.00CVE-2020-25184
16Cost Calculator Plugin Cost Calculator Post's Layout kataloggenomgång5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.000650.00CVE-2021-24820
17Zabbix SAML svag autentisering8.28.2$0-$5k$0-$5kHighNot Defined0.971860.27CVE-2022-23131
18Shared Groovy Libraries Plugin privilegier eskalering5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.001040.00CVE-2022-25183
19Sangoma Corporation Switchvox privilegier eskalering4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001090.00CVE-2021-45310
20Samsung Smartphone Edge Panel informationsgivning2.72.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000470.00CVE-2022-24001

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-adressHostnameSkådespelareKampanjerIdentifiedTypFörtroende
15.2.73.127SpeakUp12/02/2022verifiedHög
2X.XXX.XX.XXxxxxxxxx.xxxxxxx.xxxXxxxxxx12/02/2022verifiedHög
3XX.XXX.XXX.XXXxx.xxx.xxx.xxx.xxxxxxxx.xxxXxxxxxx12/02/2022verifiedHög
4XXX.XX.XXX.XXXXxxxxxx12/02/2022verifiedHög
5XXX.XX.XXX.XXXxxx.xxxxx.xxXxxxxxx12/02/2022verifiedHög

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueKlassSårbarheterÅtkomstvektorTypFörtroende
1T1006CAPEC-126CWE-21, CWE-22Path TraversalpredictiveHög
2T1059CAPEC-137CWE-88, CWE-94Argument InjectionpredictiveHög
3T1059.007CAPEC-209CWE-79Cross Site ScriptingpredictiveHög
4TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
5TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHög
6TXXXXCAPEC-108CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHög
7TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHög
8TXXXXCAPEC-0CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHög
9TXXXXCAPEC-0CWE-XXXXxxxxxxxxx XxxxxxpredictiveHög
10TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHög
11TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHög
12TXXXXCAPEC-0CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHög
13TXXXXCAPEC-116CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
14TXXXXCAPEC-157CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHög
15TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHög

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/cgi-bin/kerbynetpredictiveHög
2File/damicms-master/admin.php?s=/Article/doeditpredictiveHög
3File/etc/quaggapredictiveMedium
4File/main?cmd=invalid_browserpredictiveHög
5Filebackend/upcean.cpredictiveHög
6Filexxxxxxxxx.xxxpredictiveHög
7Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHög
8Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHög
9Filexxxx-xxxxxxxx-xxxxxx.xxxpredictiveHög
10Filexxxx/xxxx_xxxxxxxx_xxx/xxx_xxxxpredictiveHög
11Filexxxxxxxxx.xxxpredictiveHög
12Filexx_xxx_xx.xpredictiveMedium
13Filexxx/xxxxx/xxxx-xxxxxxxx.xxxpredictiveHög
14Filexxxxx.xxxpredictiveMedium
15Filexxxxxxx.xxxpredictiveMedium
16Filexxxxxxx.xxxpredictiveMedium
17Filexxxx/xxxxxxxxxxxxxx.xxxxpredictiveHög
18Filexxxxxxx:xxxxxxxxxxxxxxxxpredictiveHög
19Filexx_xxxx/xx/predictiveMedium
20Filexxxx.xxxpredictiveMedium
21FilexxxxxxxpredictiveLåg
22Libraryxxxxxxxxxx.xxxpredictiveHög
23ArgumentxxxpredictiveLåg
24ArgumentxxxxxxxxxxxxxxxpredictiveHög
25ArgumentxxxxxxxxxxxxpredictiveMedium
26ArgumentxxxxxxpredictiveLåg
27Argumentxxxxxx_xxxxx_xxxpredictiveHög
28ArgumentxxpredictiveLåg
29ArgumentxxpredictiveLåg
30Argumentxxxx xxxxxpredictiveMedium
31ArgumentxxxxxxxxxxxxxxxxxxxpredictiveHög
32ArgumentxxxxxxxpredictiveLåg
33ArgumentxxxxpredictiveLåg
34Input Value%xx%xxxxx%xx/xxx/xxxxxx%xx%xxpredictiveHög

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

TidigareÖversiktNästa

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!