Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed
Tags
| attack-pattern: | Data Server - T1583.004 Server - T1584.004 Sudo - T1169 |
Common Information
| Type | Value |
|---|---|
| UUID | 9d5f490e-0b48-4f96-b99c-98f339225f78 |
| Fingerprint | 95d10041da18cebb |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 6, 2024, 9:18 a.m. |
| Added to db | Oct. 6, 2024, 11:23 a.m. |
| Last updated | Nov. 17, 2024, 1:50 p.m. |
| Headline | Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed |
| Title | Membuat Active Response Wazuh untuk handle chain attack pada cups-browsed |
| Detected Hints/Tags/Attributes | 18/1/12 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 72 | cve-2024-47176 |
|
| Details | CVE | 59 | cve-2024-47076 |
|
| Details | CVE | 55 | cve-2024-47175 |
|
| Details | CVE | 57 | cve-2024-47177 |
|
| Details | Domain | 23 | os.name |
|
| Details | Domain | 17 | datetime.datetime.now |
|
| Details | Domain | 28 | subprocess.run |
|
| Details | Domain | 6 | wazuh.com |
|
| Details | File | 4 | active-responses.log |
|
| Details | File | 36 | datetime.dat |
|
| Details | File | 7 | json.json |
|
| Details | Url | 1 | https://wazuh.com/blog/detecting-cups-remote-code-execution-vulnerability-with-wazuh |