Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed
Tags
attack-pattern: | Data Server - T1583.004 Server - T1584.004 Sudo - T1169 |
Common Information
Type | Value |
---|---|
UUID | 9d5f490e-0b48-4f96-b99c-98f339225f78 |
Fingerprint | 95d10041da18cebb |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Oct. 6, 2024, 9:18 a.m. |
Added to db | Oct. 6, 2024, 11:23 a.m. |
Last updated | Dec. 6, 2024, 12:12 p.m. |
Headline | Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed |
Title | Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed |
Detected Hints/Tags/Attributes | 18/1/12 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 73 | cve-2024-47176 |
|
Details | CVE | 59 | cve-2024-47076 |
|
Details | CVE | 55 | cve-2024-47175 |
|
Details | CVE | 60 | cve-2024-47177 |
|
Details | Domain | 23 | os.name |
|
Details | Domain | 18 | datetime.datetime.now |
|
Details | Domain | 32 | subprocess.run |
|
Details | Domain | 6 | wazuh.com |
|
Details | File | 4 | active-responses.log |
|
Details | File | 37 | datetime.dat |
|
Details | File | 7 | json.json |
|
Details | Url | 1 | https://wazuh.com/blog/detecting-cups-remote-code-execution-vulnerability-with-wazuh |