Sector Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Insteon Hub: 86
Microsoft Windows: 66
Oracle MySQL Server: 32
Apple macOS: 28
Juniper Junos OS: 26

Remediation

Official Fix: 634
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 170

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 22
Unproven: 80
Not Defined: 704

Access Vector

Not Defined: 0
Physical: 6
Local: 58
Adjacent: 80
Network: 662

Authentication

Not Defined: 0
High: 84
Low: 356
None: 366

User Interaction

Not Defined: 0
Required: 150
None: 656

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 2
≤3: 4
≤4: 50
≤5: 122
≤6: 128
≤7: 96
≤8: 194
≤9: 78
≤10: 132

CVSSv3 Temp

≤1: 0
≤2: 2
≤3: 4
≤4: 58
≤5: 124
≤6: 144
≤7: 100
≤8: 208
≤9: 114
≤10: 52

VulDB

≤1: 0
≤2: 4
≤3: 24
≤4: 62
≤5: 128
≤6: 102
≤7: 106
≤8: 168
≤9: 156
≤10: 56

NVD

≤1: 664
≤2: 0
≤3: 0
≤4: 0
≤5: 8
≤6: 16
≤7: 8
≤8: 12
≤9: 14
≤10: 84

CNA

≤1: 472
≤2: 0
≤3: 0
≤4: 8
≤5: 22
≤6: 38
≤7: 54
≤8: 92
≤9: 112
≤10: 8

Vendor

≤1: 724
≤2: 0
≤3: 0
≤4: 2
≤5: 2
≤6: 8
≤7: 14
≤8: 40
≤9: 16
≤10: 0

Exploit 0-day

<1k: 26
<2k: 132
<5k: 110
<10k: 122
<25k: 272
<50k: 42
<100k: 102
≥100k: 0

Exploit Today

<1k: 166
<2k: 192
<5k: 232
<10k: 84
<25k: 128
<50k: 4
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Lang

en: 760
ja: 106
fr: 24
zh: 22
ru: 20

Country

us: 164
jp: 128
cn: 60
ru: 44
fr: 40

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 24
Linux Kernel: 22
Adobe Acrobat Reader: 10
Google Android: 8
F5 BIG-IP: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | IP Vault WP Firewall Plugin cross site scripting | 2.4 | 2.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.78 | 0.00000 | CVE-2022-47171 |
| 2 | GNU C Library Call Graph Monitor gmon.c __monstartup memory corruption | 4.6 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 3.79- | 0.00000 | CVE-2023-0687 |
| 3 | OpenBSD OpenSSH compat.c memory corruption | 5.6 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 2.65 | 0.00950 | CVE-2023-25136 |
| 4 | Microsoft Edge denial of service | 3.1 | 3.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 2.35 | 0.00000 | CVE-2023-21720 |
| 5 | Nextcloud Mail weak encryption | 2.0 | 1.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.65- | 0.00000 | CVE-2023-23944 |
| 6 | Calendar Event Management System sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.74 | 0.00890 | CVE-2023-0675 |
| 7 | SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service privilege escalation | 8.3 | 8.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.97+ | 0.00000 | CVE-2022-31254 |
| 8 | Calendar Event Management System Login Page sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.48 | 0.00954 | CVE-2023-0663 |
| 9 | Nextcloud Desktop Client QML Label cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.81 | 0.00000 | CVE-2023-23942 |
| 10 | Nextcloud Mail privilege escalation | 5.7 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.74 | 0.00000 | CVE-2023-23943 |
| 11 | Zyxel NBG-418N v2 Logs Page cross site scripting | 5.8 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.74 | 0.00000 | CVE-2022-45441 |
| 12 | Linux Kernel V4L2/Vivid Test Code denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.57 | 0.00000 | CVE-2023-0615 |
| 13 | Western Digital My Cloud weak authentication | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 2.52 | 0.00000 | CVE-2021-36224 |
| 14 | VMware Workstation denial of service | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.84 | 0.00885 | CVE-2023-20854 |
| 15 | SiteFusion Application Server Extension getextension.php directory traversal | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.28 | 0.00950 | CVE-2016-15023 |
| 16 | IBM WebSphere Application Server Sequence privilege escalation | 9.0 | 8.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.71 | 0.01978 | CVE-2023-23477 |
| 17 | F5 BIG-IP iControl SOAP Format String | 8.2 | 8.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 1.04 | 0.01086 | CVE-2023-22374 |
| 18 | QNAP QuTS hero/QTS sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.67 | 0.01055 | CVE-2022-27596 |
| 19 | Western Digital My Cloud Firmware Upgrade weak authentication | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 2.70 | 0.00000 | CVE-2021-36226 |
| 20 | jianlinwei cool-php-captcha example-form.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.34 | 0.01018 | CVE-2009-10001 |

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 54.213.123.0/24 | Dealply | predictive | High |

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/v1/registration/validateEmail | predictive | High |
| 2 | File | /CPE | predictive | Low |
| 3 | File | /opt/Citrix/ICAClient/util/ctxwebhelper | predictive | High |
| 4 | File | /Services/Misc.asmx/SearchTag | predictive | High |
| 5 | File | /setnetworksettings/IPAddress | predictive | High |
| 6 | File | /SetNetworkSettings/SubnetMask | predictive | High |
| 7 | File | /tool/gen/createTable | predictive | High |
| 8 | File | AccessibilityManagerService.java | predictive | High |
