Sector Homeoffice

Timeframe: -28 days

Default Categories (32): Android App Software, Anti-Malware Software, Calendar Software, Digital Media Player, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Firewall Software, Game Console, Groupware Software, Hardware Driver Software, Image Processing Software, iOS App Software, Mail Client Software, Messaging Software, Multimedia Player Software, Network Attached Storage Software, Network Encryption Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Remote Access Software, Router Operating System, Smartphone Operating System, Smartwatch Operating System, Spreadsheet Software, Tablet Operating System, Web Browser, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 292
Microsoft Windows: 84
Foxit PDF Reader: 46
Google Android: 28
Mozilla Firefox: 22

Remediation

Official Fix: 608
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 54

Exploitability

High: 6
Functional: 2
Proof-of-Concept: 6
Unproven: 82
Not Defined: 570

Access Vector

Not Defined: 0
Physical: 12
Local: 116
Adjacent: 326
Network: 212

Authentication

Not Defined: 0
High: 26
Low: 436
None: 204

User Interaction

Not Defined: 0
Required: 152
None: 514

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 2
≤3: 18
≤4: 54
≤5: 146
≤6: 230
≤7: 118
≤8: 68
≤9: 28
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 2
≤3: 18
≤4: 58
≤5: 144
≤6: 314
≤7: 86
≤8: 30
≤9: 12
≤10: 2

VulDB

≤1: 0
≤2: 4
≤3: 16
≤4: 62
≤5: 140
≤6: 232
≤7: 118
≤8: 70
≤9: 22
≤10: 2

NVD

≤1: 666
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 594
≤2: 0
≤3: 2
≤4: 4
≤5: 16
≤6: 10
≤7: 8
≤8: 18
≤9: 12
≤10: 2

Vendor

≤1: 576
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 4
≤7: 22
≤8: 48
≤9: 14
≤10: 0

Exploit 0-day

<1k: 26
<2k: 106
<5k: 20
<10k: 294
<25k: 114
<50k: 72
<100k: 34
≥100k: 0

Exploit Today

<1k: 194
<2k: 196
<5k: 116
<10k: 88
<25k: 72
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 956
de: 18
zh: 12
fr: 8
ar: 2

Country/Region

us: 264
de: 68
cn: 28
fr: 20
ru: 16

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 94
Linux Kernel: 8
TP-Link AC1350: 6
TP-Link N300: 6
Microsoft Edge: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows SmartScreen Prompt privilege escalation | 8.8 | 8.2 | $25k-$100k | $5k-$25k | Functional | Official Fix | 1.22 | - | 0.00000 | CVE-2024-29988 |
| 2 | Microsoft Windows Distributed File System race condition | 7.2 | 6.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.93 | - | 0.00000 | CVE-2024-29066 |
| 3 | Microsoft Windows Secure Boot race condition | 7.1 | 6.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.82 | - | 0.00000 | CVE-2024-29062 |
| 4 | Microsoft Windows Hyper-V denial of service | 5.8 | 5.1 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.76 | - | 0.00000 | CVE-2024-29064 |
| 5 | Microsoft Windows Secure Boot memory corruption | 7.8 | 6.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.74 | - | 0.00000 | CVE-2024-29061 |
| 6 | Microsoft Windows Authentication weak encryption | 4.3 | 3.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.72 | - | 0.00000 | CVE-2024-29056 |
| 7 | Microsoft Windows Storage privilege escalation | 7.8 | 6.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.55 | - | 0.00000 | CVE-2024-29052 |
| 8 | Microsoft Windows Cryptographic Services Local Privilege Escalation | 8.1 | 7.0 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.59 | - | 0.00000 | CVE-2024-29050 |
| 9 | Microsoft Windows Proxy Driver privilege escalation | 6.7 | 5.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.57 | - | 0.00000 | CVE-2024-26234 |
| 10 | Microsoft Windows WDAC OLE DB Provider for SQL Server memory corruption | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.52 | - | 0.00000 | CVE-2024-26244 |
| 11 | Microsoft Windows libarchive memory corruption | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.55 | - | 0.00000 | CVE-2024-26256 |
| 12 | Microsoft Windows Secure Boot memory corruption | 8.0 | 7.0 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.42 | - | 0.00000 | CVE-2024-28925 |
| 13 | Microsoft Windows Secure Boot memory corruption | 6.4 | 5.6 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.40 | - | 0.00000 | CVE-2024-28923 |
| 14 | Microsoft Windows WDAC OLE DB Provider for SQL Server memory corruption | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.67 | - | 0.00000 | CVE-2024-26210 |
| 15 | Microsoft Windows Remote Access Connection Manager information disclosure | 5.5 | 4.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.41 | - | 0.00000 | CVE-2024-28902 |
| 16 | Microsoft Windows Routing/Remote Access Service memory corruption | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.65 | - | 0.00000 | CVE-2024-26205 |
| 17 | Microsoft Windows Virtual Machine Bus memory corruption | 7.5 | 6.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.32 | - | 0.00000 | CVE-2024-26254 |
| 18 | Microsoft Windows Secure Boot memory corruption | 6.7 | 5.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.34 | - | 0.00000 | CVE-2024-28924 |
| 19 | Microsoft Windows Secure Boot privilege escalation | 4.2 | 3.7 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.40 | - | 0.00000 | CVE-2024-28922 |
| 20 | Microsoft Windows rndismp6.sys privilege escalation | 6.8 | 5.9 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.36 | - | 0.00000 | CVE-2024-26253 |

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (81)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

