Common Information
Type Value
Value Exploit Public-Facing Application - T1190
Category Attack-Pattern
Type Mitre-Enterprise-Attack-Attack-Pattern
Misp Type Cluster
Description The use of software, data, or commands to take advantage of a weakness in an Internet-facing computer system or program in order to cause unintended or unanticipated behavior. The weakness in the system can be a bug, a glitch, or a design vulnerability. These applications are often websites, but can include databases (like SQL) (Citation: NVD CVE-2016-6662), standard services (like SMB (Citation: CIS Multiple SMB Vulnerabilities) or SSH), and any other applications with Internet accessible open sockets, such as web servers and related services. (Citation: NVD CVE-2014-7169) Depending on the flaw being exploited this may include Exploitation for Defense Evasion. For websites and databases, the OWASP top 10 gives a good list of the top 10 most common web-based vulnerabilities. (Citation: OWASP Top 10)
Detection: Monitor application logs for abnormal behavior that may indicate attempted or successful exploitation. Use deep packet inspection to look for artifacts of common exploit traffic, such as SQL injection. Web Application Firewalls may detect improper inputs attempting exploitation.
Platforms: Linux, Windows, macOS
Data Sources: Application logs, Packet capture, Web logs, Web application firewall logs
Source Published Attributes CTI Title
Website 2024-11-16 90 From Royal to BlackSuit: Understanding the Tactics and Impact of a Sophisticated Ransomware Strain | #ransomware | #cybercrime | National Cyber Security Consulting
Website 2024-11-15 38 Dark Web Profile: Cadet Blizzard
Website 2024-11-13 23 T.A. — RansomHub
Website 2024-11-12 19 Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
Website 2024-11-09 19 TRACKING RANSOMWARE : OCTOBER 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Website 2024-11-08 25 Dark Web Profile: CosmicBeetle (NoName) Ransomware - SOCRadar® Cyber Intelligence Inc.
Website 2024-11-07 7 Mapping CTF Techniques to the MITRE ATT&CK Framework: TryHack3M: Bricks Heist
Website 2024-11-06 2 A Vulnerability in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Could Allow for Remote Code Execution
Website 2024-11-04 57 Threat Intelligence Report October 29 - November 4 2024 | Red Piranha
Website 2024-11-03 35 Threat Actor — Cl0P
Website 2024-11-01 43 Ngioweb Remains Active 7 Years Later
Website 2024-11-01 39 Dark Web Profile: Tropic Trooper (APT23) - SOCRadar® Cyber Intelligence Inc.
Website 2024-10-30 43 Investigating a SharePoint Compromise: IR Tales from the Field | Rapid7 Blog
Website 2024-10-30 379 Analyzing the You Dun Attack Group Through Directory Browsing - Anquanke - Security News Platform
Website 2024-10-30 28 Attacker Abuses Victim Resources to Reap Rewards from Titan Network
Website 2024-10-29 19 Ransomware: Kill Security
Website 2024-10-29 5 Multiple Vulnerabilities in Siemens InterMesh Subscriber Devices Could Allow for Remote Code Execution
Website 2024-10-28 3 CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks - SOC Prime
Website 2024-10-28 376 Inside the Open Directory of the “You Dun” Threat Group
Website 2024-10-28 25 Threat Intelligence Report October 22 - October 28 2024 | Red Piranha
Website 2024-10-25 30 TeamTNT’s Docker Gatling Gun Campaign
Website 2024-10-23 2 A Vulnerability in Fortinet FortiManager Could Allow for Remote Code Execution
Website 2024-10-22 22 Threat Intelligence Report October 15 - October 21 2024 | Red Piranha
Website 2024-10-22 13 Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach
Website 2024-10-19 21 Unmasking the Cyber Mirage: A Journey Through Gulf Region Cyberattacks