Update January 2023

actors/0ktapus/README.md

@@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [TK](https://vuldb.com/?country.tk)
+* [BR](https://vuldb.com/?country.br)
 * ...
 
 There are 12 more country items available. Please use our online service to access the data.
@@ -69,26 +69,27 @@ ID | Type | Indicator | Confidence
 12 | File | `/ebics-server/ebics.aspx` | High
 13 | File | `/esbus/servlet/GetSQLData` | High
 14 | File | `/film-rating.php` | High
-15 | File | `/goform/formLogin` | High
-16 | File | `/HNAP1` | Low
-17 | File | `/horde/util/go.php` | High
-18 | File | `/ishttpd/localweb/java/` | High
-19 | File | `/KK_LS9ReportingPortal/GetData` | High
-20 | File | `/mcategory.php` | High
-21 | File | `/out.php` | Medium
-22 | File | `/p` | Low
-23 | File | `/pages/processlogin.php` | High
-24 | File | `/product/savenewproduct.php?flag=1` | High
-25 | File | `/services/Card/findUser` | High
-26 | File | `/template/edit` | High
-27 | File | `/uncpath/` | Medium
-28 | File | `/usr/bin/uucp` | High
-29 | File | `/usr/local/contego/scripts/mgrconfig.pl` | High
-30 | File | `/v1/tokens` | Medium
-31 | File | `/web/google_analytics.php` | High
-32 | ... | ... | ...
+15 | File | `/forum/away.php` | High
+16 | File | `/goform/formLogin` | High
+17 | File | `/HNAP1` | Low
+18 | File | `/horde/util/go.php` | High
+19 | File | `/ishttpd/localweb/java/` | High
+20 | File | `/KK_LS9ReportingPortal/GetData` | High
+21 | File | `/mcategory.php` | High
+22 | File | `/out.php` | Medium
+23 | File | `/p` | Low
+24 | File | `/pages/processlogin.php` | High
+25 | File | `/product/savenewproduct.php?flag=1` | High
+26 | File | `/services/Card/findUser` | High
+27 | File | `/template/edit` | High
+28 | File | `/uncpath/` | Medium
+29 | File | `/usr/bin/uucp` | High
+30 | File | `/usr/local/contego/scripts/mgrconfig.pl` | High
+31 | File | `/v1/tokens` | Medium
+32 | File | `/web/google_analytics.php` | High
+33 | ... | ... | ...
 
-There are 276 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 

actors/3LOSH/README.md

@@ -55,4 +55,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/APT1/README.md

@@ -17,7 +17,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [RU](https://vuldb.com/?country.ru)
+* [GB](https://vuldb.com/?country.gb)
 * ...
 
 There are 1 more country items available. Please use our online service to access the data.

actors/APT28/README.md

@@ -130,7 +130,8 @@ ID | Type | Indicator | Confidence
 23 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
 24 | File | `/REBOOTSYSTEM` | High
 25 | File | `/replication` | Medium
-26 | ... | ... | ...
+26 | File | `/RestAPI` | Medium
+27 | ... | ... | ...
 
 There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 

actors/APT29/README.md

@@ -80,15 +80,15 @@ ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `//proc/kcore` | Medium
 2 | File | `/about.php` | Medium
-3 | File | `/admin/?page=system_info/contact_info` | High
-4 | File | `/admin/dl_sendmail.php` | High
-5 | File | `/admin/submit-articles` | High
-6 | File | `/ad_js.php` | Medium
-7 | File | `/Ap4RtpAtom.cpp` | High
-8 | File | `/api/v2/cli/commands` | High
-9 | File | `/app/options.py` | High
-10 | File | `/attachments` | Medium
-11 | File | `/bsms/?page=manage_account` | High
+3 | File | `/admin/dl_sendmail.php` | High
+4 | File | `/admin/submit-articles` | High
+5 | File | `/ad_js.php` | Medium
+6 | File | `/Ap4RtpAtom.cpp` | High
+7 | File | `/api/v2/cli/commands` | High
+8 | File | `/app/options.py` | High
+9 | File | `/attachments` | Medium
+10 | File | `/bsms/?page=manage_account` | High
+11 | File | `/bsms_ci/index.php/book` | High
 12 | File | `/cgi-bin/login.cgi` | High
 13 | File | `/cgi-bin/luci/api/wireless` | High
 14 | File | `/ci_hms/massage_room/edit/1` | High
@@ -97,22 +97,21 @@ ID | Type | Indicator | Confidence
 17 | File | `/debian/patches/load_ppp_generic_if_needed` | High
 18 | File | `/debug/pprof` | Medium
 19 | File | `/etc/hosts` | Medium
-20 | File | `/fuel/sitevariables/delete/4` | High
-21 | File | `/goform/aspForm` | High
+20 | File | `/forum/away.php` | High
+21 | File | `/fuel/sitevariables/delete/4` | High
 22 | File | `/goform/setmac` | High
 23 | File | `/goform/wizard_end` | High
 24 | File | `/hprms/admin/doctors/manage_doctor.php` | High
 25 | File | `/index/jobfairol/show/` | High
 26 | File | `/librarian/bookdetails.php` | High
 27 | File | `/manage-apartment.php` | High
-28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
-29 | File | `/pages/apply_vacancy.php` | High
-30 | File | `/proc/<PID>/mem` | High
-31 | File | `/project/PROJECTNAME/reports/` | High
-32 | File | `/proxy` | Low
-33 | ... | ... | ...
+28 | File | `/medicines/profile.php` | High
+29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+30 | File | `/pages/apply_vacancy.php` | High
+31 | File | `/proc/<PID>/mem` | High
+32 | ... | ... | ...
 
-There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 

actors/APT34/README.md

@@ -91,7 +91,7 @@ ID | Type | Indicator | Confidence
 29 | File | `/replication` | Medium
 30 | ... | ... | ...
 
-There are 255 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 257 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 

actors/APT37/README.md

@@ -79,4 +79,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/APT38/README.md

@@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/APT39/README.md

@@ -68,7 +68,7 @@ ID | Type | Indicator | Confidence
 12 | File | `/uncpath/` | Medium
 13 | ... | ... | ...
 
-There are 97 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 99 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 

actors/Abcbot/README.md

@@ -49,4 +49,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Admiral/README.md

@@ -32,4 +32,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Adrozek/README.md

@@ -28,4 +28,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Afghanistan Unknown/README.md

@@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Agent OGR/README.md

@@ -28,4 +28,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Albania Unknown/README.md

@@ -84,4 +84,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Algeria Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [IL](https://vuldb.com/?country.il)
 * ...
 
-There are 19 more country items available. Please use our online service to access the data.
+There are 20 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -71,23 +71,23 @@ ID | Type | Indicator | Confidence
 7 | File | `/config.cgi?webmin` | High
 8 | File | `/filemanager/upload.php` | High
 9 | File | `/forum/away.php` | High
-10 | File | `/idm/admin/changeself.jsp` | High
-11 | File | `/idm/includes/helpServer.jsp` | High
-12 | File | `/if.cgi` | Low
-13 | File | `/include/chart_generator.php` | High
-14 | File | `/mifs/c/i/reg/reg.html` | High
-15 | File | `/modules/profile/index.php` | High
-16 | File | `/news.dtl.php` | High
-17 | File | `/product_list.php` | High
-18 | File | `/setup` | Low
-19 | File | `/spip.php` | Medium
-20 | File | `/uncpath/` | Medium
-21 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
-22 | File | `/wp-content/plugins/updraftplus/admin.php` | High
-23 | File | `/_vti_pvt/access.cnf` | High
-24 | File | `5.2.9\syscrb.exe` | High
-25 | File | `a-b-membres.php` | High
-26 | File | `account.asp` | Medium
+10 | File | `/hrm/employeeadd.php` | High
+11 | File | `/idm/admin/changeself.jsp` | High
+12 | File | `/idm/includes/helpServer.jsp` | High
+13 | File | `/if.cgi` | Low
+14 | File | `/include/chart_generator.php` | High
+15 | File | `/mifs/c/i/reg/reg.html` | High
+16 | File | `/modules/profile/index.php` | High
+17 | File | `/news.dtl.php` | High
+18 | File | `/product_list.php` | High
+19 | File | `/setup` | Low
+20 | File | `/spip.php` | Medium
+21 | File | `/uncpath/` | Medium
+22 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
+23 | File | `/wp-content/plugins/updraftplus/admin.php` | High
+24 | File | `/_vti_pvt/access.cnf` | High
+25 | File | `5.2.9\syscrb.exe` | High
+26 | File | `a-b-membres.php` | High
 27 | File | `act.php` | Low
 28 | File | `adclick.php` | Medium
 29 | File | `admin` | Low
@@ -122,10 +122,9 @@ ID | Type | Indicator | Confidence
 58 | File | `cgi-bin/DownloadCfg/RouterCfm.cfg` | High
 59 | File | `Cgi/private.py` | High
 60 | File | `city.asp` | Medium
-61 | File | `class.ajax.php` | High
-62 | ... | ... | ...
+61 | ... | ... | ...
 
-There are 542 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 535 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -142,4 +141,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Anatsa/README.md

@@ -62,4 +62,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Angola Unknown/README.md

@@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Antarctica Unknown/README.md

@@ -75,52 +75,51 @@ ID | Type | Indicator | Confidence
 14 | File | `/cgi-bin/wlogin.cgi` | High
 15 | File | `/connectors/index.php` | High
 16 | File | `/dev/block/mmcblk0rpmb` | High
-17 | File | `/dms/admin/reports/daily_collection_report.php` | High
-18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
-19 | File | `/face-recognition-php/facepay-master/camera.php` | High
-20 | File | `/forum/away.php` | High
-21 | File | `/fos/admin/ajax.php?action=login` | High
-22 | File | `/fos/admin/index.php?page=menu` | High
-23 | File | `/hrm/employeeadd.php` | High
-24 | File | `/hrm/employeeview.php` | High
-25 | File | `/index.php` | Medium
-26 | File | `/Items/*/RemoteImages/Download` | High
-27 | File | `/items/view_item.php` | High
-28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
-29 | File | `/lists/admin/` | High
-30 | File | `/lookin/info` | Medium
-31 | File | `/MagickCore/image.c` | High
-32 | File | `/manager/index.php` | High
-33 | File | `/medical/inventories.php` | High
-34 | File | `/modules/profile/index.php` | High
-35 | File | `/modules/projects/vw_files.php` | High
-36 | File | `/modules/public/calendar.php` | High
-37 | File | `/newsDia.php` | Medium
-38 | File | `/out.php` | Medium
-39 | File | `/proxy` | Low
-40 | File | `/public/launchNewWindow.jsp` | High
-41 | File | `/Redcock-Farm/farm/category.php` | High
-42 | File | `/reports/rwservlet` | High
-43 | File | `/sacco_shield/manage_user.php` | High
-44 | File | `/spip.php` | Medium
-45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-46 | File | `/staff/bookdetails.php` | High
-47 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
-48 | File | `/user/update_booking.php` | High
-49 | File | `/WEB-INF/web.xml` | High
-50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-51 | File | `/Wedding-Management/package_detail.php` | High
-52 | File | `/wordpress/wp-admin/options-general.php` | High
-53 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-54 | File | `01article.php` | High
-55 | File | `AbstractScheduleJob.java` | High
-56 | File | `actionphp/download.File.php` | High
-57 | File | `AdClass.php` | Medium
-58 | File | `adclick.php` | Medium
-59 | File | `addtocart.asp` | High
-60 | ... | ... | ...
+17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+18 | File | `/face-recognition-php/facepay-master/camera.php` | High
+19 | File | `/forum/away.php` | High
+20 | File | `/fos/admin/ajax.php?action=login` | High
+21 | File | `/fos/admin/index.php?page=menu` | High
+22 | File | `/hrm/employeeadd.php` | High
+23 | File | `/hrm/employeeview.php` | High
+24 | File | `/index.php` | Medium
+25 | File | `/Items/*/RemoteImages/Download` | High
+26 | File | `/items/view_item.php` | High
+27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+28 | File | `/lists/admin/` | High
+29 | File | `/lookin/info` | Medium
+30 | File | `/MagickCore/image.c` | High
+31 | File | `/manager/index.php` | High
+32 | File | `/medical/inventories.php` | High
+33 | File | `/modules/profile/index.php` | High
+34 | File | `/modules/projects/vw_files.php` | High
+35 | File | `/modules/public/calendar.php` | High
+36 | File | `/newsDia.php` | Medium
+37 | File | `/out.php` | Medium
+38 | File | `/proxy` | Low
+39 | File | `/public/launchNewWindow.jsp` | High
+40 | File | `/Redcock-Farm/farm/category.php` | High
+41 | File | `/reports/rwservlet` | High
+42 | File | `/sacco_shield/manage_user.php` | High
+43 | File | `/spip.php` | Medium
+44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+45 | File | `/staff/bookdetails.php` | High
+46 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
+47 | File | `/user/update_booking.php` | High
+48 | File | `/WEB-INF/web.xml` | High
+49 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+50 | File | `/wordpress/wp-admin/options-general.php` | High
+51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+52 | File | `01article.php` | High
+53 | File | `AbstractScheduleJob.java` | High
+54 | File | `actionphp/download.File.php` | High
+55 | File | `AdClass.php` | Medium
+56 | File | `adclick.php` | Medium
+57 | File | `addtocart.asp` | High
+58 | File | `admin.php` | Medium
+59 | ... | ... | ...
 
-There are 527 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 512 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 

actors/Antigua and Barbuda Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [AG](https://vuldb.com/?country.ag)
 * ...
 
-There are 19 more country items available. Please use our online service to access the data.
+There are 20 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -49,7 +49,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-22 | Pathname Traversal | High
 2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
@@ -120,9 +120,10 @@ ID | Type | Indicator | Confidence
 57 | File | `bin/named/query.c` | High
 58 | File | `blank.php` | Medium
 59 | File | `blocklayered-ajax.php` | High
-60 | ... | ... | ...
+60 | File | `bluegate_seo.inc.php` | High
+61 | ... | ... | ...
 
-There are 523 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 530 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -139,4 +140,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/ApoMacroSploit/README.md

@@ -41,4 +41,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Argentina Unknown/README.md

@@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [DE](https://vuldb.com/?country.de)
+* [GB](https://vuldb.com/?country.gb)
 * ...
 
-There are 19 more country items available. Please use our online service to access the data.
+There are 25 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -177,12 +177,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 17 more TTP items available. Please use our online service to access the data.
+There are 18 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -190,65 +190,69 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
+1 | File | `.github/workflows/combine-prs.yml` | High
 2 | File | `/?admin/user.html` | High
 3 | File | `/Admin/add-student.php` | High
 4 | File | `/admin/addemployee.php` | High
-5 | File | `/admin/conferences/list/` | High
-6 | File | `/admin/edit_admin_details.php?id=admin` | High
-7 | File | `/admin/generalsettings.php` | High
-8 | File | `/Admin/login.php` | High
-9 | File | `/admin/payment.php` | High
-10 | File | `/admin/reports.php` | High
-11 | File | `/admin/showbad.php` | High
-12 | File | `/admin_page/all-files-update-ajax.php` | High
-13 | File | `/apilog.php` | Medium
-14 | File | `/cgi-bin/kerbynet` | High
-15 | File | `/cgi-bin/wlogin.cgi` | High
-16 | File | `/connectors/index.php` | High
-17 | File | `/demo/module/?module=HERE` | High
-18 | File | `/dms/admin/reports/daily_collection_report.php` | High
-19 | File | `/forum/away.php` | High
+5 | File | `/admin/api/admin/articles/` | High
+6 | File | `/Admin/login.php` | High
+7 | File | `/admin/showbad.php` | High
+8 | File | `/apilog.php` | Medium
+9 | File | `/cgi-bin/webadminget.cgi` | High
+10 | File | `/cgi-bin/wlogin.cgi` | High
+11 | File | `/connectors/index.php` | High
+12 | File | `/dev/block/mmcblk0rpmb` | High
+13 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+14 | File | `/face-recognition-php/facepay-master/camera.php` | High
+15 | File | `/forum/away.php` | High
+16 | File | `/fos/admin/ajax.php?action=login` | High
+17 | File | `/fos/admin/index.php?page=menu` | High
+18 | File | `/hrm/employeeadd.php` | High
+19 | File | `/hrm/employeeview.php` | High
 20 | File | `/index.php` | Medium
-21 | File | `/info.cgi` | Medium
-22 | File | `/Items/*/RemoteImages/Download` | High
-23 | File | `/items/view_item.php` | High
-24 | File | `/lists/admin/` | High
-25 | File | `/MagickCore/image.c` | High
-26 | File | `/manager/index.php` | High
-27 | File | `/medical/inventories.php` | High
-28 | File | `/mgmt/tm/util/bash` | High
-29 | File | `/mkshop/Men/profile.php` | High
-30 | File | `/mobile/downloadfile.aspx` | High
-31 | File | `/modules/profile/index.php` | High
-32 | File | `/modules/projects/vw_files.php` | High
-33 | File | `/modules/public/calendar.php` | High
-34 | File | `/net/nfc/netlink.c` | High
-35 | File | `/newsDia.php` | Medium
-36 | File | `/out.php` | Medium
-37 | File | `/outgoing.php` | High
-38 | File | `/public/launchNewWindow.jsp` | High
+21 | File | `/items/view_item.php` | High
+22 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+23 | File | `/lookin/info` | Medium
+24 | File | `/manager/index.php` | High
+25 | File | `/medical/inventories.php` | High
+26 | File | `/mkshop/Men/profile.php` | High
+27 | File | `/mobile/downloadfile.aspx` | High
+28 | File | `/modules/profile/index.php` | High
+29 | File | `/modules/projects/vw_files.php` | High
+30 | File | `/modules/public/calendar.php` | High
+31 | File | `/net/nfc/netlink.c` | High
+32 | File | `/newsDia.php` | Medium
+33 | File | `/out.php` | Medium
+34 | File | `/outgoing.php` | High
+35 | File | `/proxy` | Low
+36 | File | `/public/launchNewWindow.jsp` | High
+37 | File | `/Redcock-Farm/farm/category.php` | High
+38 | File | `/reports/rwservlet` | High
 39 | File | `/sacco_shield/manage_user.php` | High
 40 | File | `/spip.php` | Medium
 41 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
 42 | File | `/staff/bookdetails.php` | High
 43 | File | `/staff/delete.php` | High
-44 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
-45 | File | `/user/update_booking.php` | High
-46 | File | `/WEB-INF/web.xml` | High
-47 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-48 | File | `/Wedding-Management/package_detail.php` | High
-49 | File | `/wordpress/wp-admin/options-general.php` | High
-50 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-51 | File | `a2billing/customer/iridium_threed.php` | High
-52 | File | `AdClass.php` | Medium
-53 | File | `adclick.php` | Medium
-54 | File | `addtocart.asp` | High
-55 | File | `admin.jcomments.php` | High
-56 | File | `admin.php` | Medium
-57 | ... | ... | ...
+44 | File | `/user/update_booking.php` | High
+45 | File | `/WEB-INF/web.xml` | High
+46 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+47 | File | `/wordpress/wp-admin/options-general.php` | High
+48 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+49 | File | `01article.php` | High
+50 | File | `AbstractScheduleJob.java` | High
+51 | File | `actionphp/download.File.php` | High
+52 | File | `adclick.php` | Medium
+53 | File | `addtocart.asp` | High
+54 | File | `admin.jcomments.php` | High
+55 | File | `admin.php` | Medium
+56 | File | `admin/admin/adminsave.html` | High
+57 | File | `admin/conf_users_edit.php` | High
+58 | File | `admin/panels/entry/admin.entry.list.php` | High
+59 | File | `admin/panels/uploader/admin.uploader.php` | High
+60 | File | `admincp.php` | Medium
+61 | ... | ... | ...
 
-There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 530 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -265,4 +269,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Armenia Unknown/README.md

@@ -76,4 +76,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Armor Piercer/README.md

@@ -73,4 +73,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/ArtFulpie/README.md

@@ -97,4 +97,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Aruba Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [DE](https://vuldb.com/?country.de)
 * ...
 
-There are 19 more country items available. Please use our online service to access the data.
+There are 20 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -38,7 +38,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-22 | Pathname Traversal | High
 2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
@@ -104,7 +104,7 @@ ID | Type | Indicator | Confidence
 52 | File | `blocklayered-ajax.php` | High
 53 | ... | ... | ...
 
-There are 457 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 465 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -121,4 +121,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Ashiyane/README.md

@@ -29,4 +29,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Aspxor/README.md

@@ -17,11 +17,11 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [46.55.222.24](https://vuldb.com/?ip.46.55.222.24) | - | - | High
-2 | [82.116.211.16](https://vuldb.com/?ip.82.116.211.16) | is.ouc.ac.cy | - | High
-3 | [93.186.181.62](https://vuldb.com/?ip.93.186.181.62) | - | - | High
+2 | [74.125.155.201](https://vuldb.com/?ip.74.125.155.201) | - | - | High
+3 | [82.116.211.16](https://vuldb.com/?ip.82.116.211.16) | is.ouc.ac.cy | - | High
 4 | ... | ... | ... | ...
 
-There are 6 more IOC items available. Please use our online service to access the data.
+There are 12 more IOC items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -36,6 +36,7 @@ ID | Type | Indicator | Confidence
 The following list contains _external sources_ which discuss the actor and the associated activities:
 
 * https://blog.talosintelligence.com/2019/04/threat-roundup-0405-0412.html
+* https://blog.talosintelligence.com/2020/10/threat-roundup-1016-1023.html
 
 ## Literature
 
@@ -46,4 +47,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Aurora/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [WF](https://vuldb.com/?country.wf)
 * ...
 
-There are 7 more country items available. Please use our online service to access the data.
+There are 8 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 15 more TTP items available. Please use our online service to access the data.
+There are 16 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -56,22 +56,24 @@ ID | Type | Indicator | Confidence
 4 | File | `/GponForm/device_Form?script/` | High
 5 | File | `/index.php?/manage/channel/addchannel` | High
 6 | File | `/opac/Actions.php?a=login` | High
-7 | File | `/spip.php` | Medium
-8 | File | `/var/log/nginx` | High
-9 | File | `/wp-admin/admin-ajax.php` | High
-10 | File | `actions/beats_uploader.php` | High
-11 | File | `actions/vote_channel.php` | High
-12 | File | `Admin/ADM_Pagina.php` | High
-13 | File | `admin/article.php` | High
-14 | File | `admin/dashboard.php` | High
-15 | File | `Admin/edit-admin.php` | High
-16 | File | `admin/show.php?rec=update` | High
-17 | File | `allow/block` | Medium
-18 | File | `AlUpdate.exe` | Medium
-19 | File | `app/admin/controller/api/Update.php` | High
-20 | ... | ... | ...
+7 | File | `/opt/tms/bin/cli` | High
+8 | File | `/spip.php` | Medium
+9 | File | `/var/log/nginx` | High
+10 | File | `/wp-admin/admin-ajax.php` | High
+11 | File | `actions/beats_uploader.php` | High
+12 | File | `actions/vote_channel.php` | High
+13 | File | `Admin/ADM_Pagina.php` | High
+14 | File | `admin/article.php` | High
+15 | File | `admin/dashboard.php` | High
+16 | File | `Admin/edit-admin.php` | High
+17 | File | `admin/partials/ajax/add_field_to_form.php` | High
+18 | File | `admin/show.php?rec=update` | High
+19 | File | `allow/block` | Medium
+20 | File | `AlUpdate.exe` | Medium
+21 | File | `app/admin/controller/api/Update.php` | High
+22 | ... | ... | ...
 
-There are 167 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 184 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -88,4 +90,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Austria Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...
 
-There are 26 more country items available. Please use our online service to access the data.
+There are 33 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -428,11 +428,11 @@ ID | Technique | Weakness | Description | Confidence
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80, CWE-87 | Cross Site Scripting | High
 6 | ... | ... | ... | ...
 
-There are 18 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -440,67 +440,72 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.procmailrc` | Medium
-2 | File | `/?admin/user.html` | High
-3 | File | `/Admin/add-student.php` | High
-4 | File | `/admin/addemployee.php` | High
-5 | File | `/admin/conferences/list/` | High
-6 | File | `/admin/login.php` | High
-7 | File | `/Admin/login.php` | High
-8 | File | `/admin/showbad.php` | High
-9 | File | `/admin/students/manage.php` | High
-10 | File | `/admin/students/view_student.php` | High
-11 | File | `/api/addusers` | High
-12 | File | `/api/user/upsert/<uuid>` | High
-13 | File | `/apilog.php` | Medium
-14 | File | `/cgi-bin/wlogin.cgi` | High
-15 | File | `/connectors/index.php` | High
-16 | File | `/dashboard/updatelogo.php` | High
-17 | File | `/forum/away.php` | High
-18 | File | `/h/calendar` | Medium
-19 | File | `/h/compose` | Medium
-20 | File | `/h/search?action=voicemail&action=listen` | High
-21 | File | `/index.php` | Medium
-22 | File | `/items/view_item.php` | High
-23 | File | `/loginVaLidation.php` | High
-24 | File | `/manage-apartment.php` | High
-25 | File | `/manager/index.php` | High
-26 | File | `/medical/inventories.php` | High
-27 | File | `/mkshop/Men/profile.php` | High
-28 | File | `/mobile/downloadfile.aspx` | High
-29 | File | `/modules/profile/index.php` | High
-30 | File | `/modules/projects/vw_files.php` | High
-31 | File | `/modules/public/calendar.php` | High
-32 | File | `/net/nfc/netlink.c` | High
-33 | File | `/newsDia.php` | Medium
-34 | File | `/Noxen-master/users.php` | High
-35 | File | `/opac/Actions.php?a=login` | High
-36 | File | `/out.php` | Medium
-37 | File | `/outgoing.php` | High
-38 | File | `/pages/animals.php` | High
+1 | File | `.../gogo/` | Medium
+2 | File | `.github/workflows/combine-prs.yml` | High
+3 | File | `/?admin/user.html` | High
+4 | File | `/Admin/add-student.php` | High
+5 | File | `/admin/api/admin/articles/` | High
+6 | File | `/Admin/login.php` | High
+7 | File | `/admin/students/manage.php` | High
+8 | File | `/api/user/upsert/<uuid>` | High
+9 | File | `/apilog.php` | Medium
+10 | File | `/cgi-bin/webadminget.cgi` | High
+11 | File | `/cgi-bin/wlogin.cgi` | High
+12 | File | `/connectors/index.php` | High
+13 | File | `/dev/block/mmcblk0rpmb` | High
+14 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+15 | File | `/etc/ldap.conf` | High
+16 | File | `/etc/shadow` | Medium
+17 | File | `/face-recognition-php/facepay-master/camera.php` | High
+18 | File | `/forum/away.php` | High
+19 | File | `/fos/admin/ajax.php?action=login` | High
+20 | File | `/fos/admin/index.php?page=menu` | High
+21 | File | `/h/calendar` | Medium
+22 | File | `/h/compose` | Medium
+23 | File | `/h/search?action=voicemail&action=listen` | High
+24 | File | `/hrm/employeeadd.php` | High
+25 | File | `/hrm/employeeview.php` | High
+26 | File | `/index.php` | Medium
+27 | File | `/items/view_item.php` | High
+28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+29 | File | `/lookin/info` | Medium
+30 | File | `/manager/index.php` | High
+31 | File | `/medical/inventories.php` | High
+32 | File | `/modules/profile/index.php` | High
+33 | File | `/modules/projects/vw_files.php` | High
+34 | File | `/modules/public/calendar.php` | High
+35 | File | `/net/nfc/netlink.c` | High
+36 | File | `/newsDia.php` | Medium
+37 | File | `/opac/Actions.php?a=login` | High
+38 | File | `/out.php` | Medium
 39 | File | `/php-sms/classes/Master.php` | High
 40 | File | `/php-sms/classes/SystemSettings.php` | High
 41 | File | `/php_action/createOrder.php` | High
 42 | File | `/php_action/editProductImage.php` | High
-43 | File | `/public/launchNewWindow.jsp` | High
-44 | File | `/public/login.htm` | High
-45 | File | `/ResiotQueryDBActive` | High
-46 | File | `/sacco_shield/manage_user.php` | High
-47 | File | `/SetTriggerWPS/PIN` | High
-48 | File | `/spip.php` | Medium
-49 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-50 | File | `/src/png2swf.c` | High
-51 | File | `/staff/bookdetails.php` | High
-52 | File | `/staff/delete.php` | High
+43 | File | `/proxy` | Low
+44 | File | `/Redcock-Farm/farm/category.php` | High
+45 | File | `/reports/rwservlet` | High
+46 | File | `/ResiotQueryDBActive` | High
+47 | File | `/sacco_shield/manage_user.php` | High
+48 | File | `/SetTriggerWPS/PIN` | High
+49 | File | `/spip.php` | Medium
+50 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+51 | File | `/src/png2swf.c` | High
+52 | File | `/staff/bookdetails.php` | High
 53 | File | `/tos/index.php?app/app_start_stop` | High
-54 | File | `/uncpath/` | Medium
-55 | File | `/user/update_booking.php` | High
-56 | File | `/WEB-INF/web.xml` | High
-57 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-58 | File | `/wordpress/wp-admin/options-general.php` | High
-59 | ... | ... | ...
+54 | File | `/user/update_booking.php` | High
+55 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
+56 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+57 | File | `/wordpress/wp-admin/options-general.php` | High
+58 | File | `/wp-admin/admin-ajax.php` | High
+59 | File | `01article.php` | High
+60 | File | `AbstractScheduleJob.java` | High
+61 | File | `actionphp/download.File.php` | High
+62 | File | `adclick.php` | Medium
+63 | File | `add-patient.php` | High
+64 | ... | ... | ...
 
-There are 514 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 562 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -517,4 +522,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Autoruner/README.md

@@ -32,4 +32,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Aveo/README.md

@@ -23,6 +23,14 @@ ID | IP address | Hostname | Campaign | Confidence
 
 There are 1 more IOC items available. Please use our online service to access the data.
 
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Aveo_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+
 ## IOA - Indicator of Attack
 
 These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Aveo. This data is unique as it uses our predictive model for actor profiling.
@@ -47,4 +55,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Avos/README.md

@@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [FR](https://vuldb.com/?country.fr)
 * [RU](https://vuldb.com/?country.ru)
-* [ES](https://vuldb.com/?country.es)
+* [US](https://vuldb.com/?country.us)
 * ...
 
-There are 1 more country items available. Please use our online service to access the data.
+There are 2 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -43,12 +43,13 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/iwguestbook/admin/badwords_edit.asp` | High
-2 | File | `/iwguestbook/admin/messages_edit.asp` | High
-3 | File | `admin/dashboard.php` | High
-4 | ... | ... | ...
+1 | File | `/cwc/login` | Medium
+2 | File | `/iwguestbook/admin/badwords_edit.asp` | High
+3 | File | `/iwguestbook/admin/messages_edit.asp` | High
+4 | File | `admin/dashboard.php` | High
+5 | ... | ... | ...
 
-There are 22 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -65,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Azerbaijan Unknown/README.md

@@ -62,4 +62,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Azorult/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...
 
-There are 9 more country items available. Please use our online service to access the data.
+There are 11 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -41,10 +41,11 @@ ID | Technique | Weakness | Description | Confidence
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
+4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...
 
-There are 18 more TTP items available. Please use our online service to access the data.
+There are 19 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -58,20 +59,24 @@ ID | Type | Indicator | Confidence
 4 | File | `/auparse/auparse.c` | High
 5 | File | `/aux` | Low
 6 | File | `/BindAccount/SuccessTips.js` | High
-7 | File | `/home/httpd/cgi-bin/cgi.cgi` | High
-8 | File | `/login.html` | Medium
-9 | File | `/medical/inventories.php` | High
-10 | File | `/pages.php` | Medium
-11 | File | `/pages/save_user.php` | High
-12 | File | `/patient/doctors.php` | High
-13 | File | `/rom-0` | Low
-14 | File | `/uncpath/` | Medium
-15 | File | `/usr/local/psa/admin/sbin/wrapper` | High
-16 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
-17 | File | `/vloggers_merch/classes/Master.php?f=delete_order` | High
-18 | ... | ... | ...
+7 | File | `/goform/QuickIndex` | High
+8 | File | `/goform/setMacFilterCfg` | High
+9 | File | `/goform/WifiBasicSet` | High
+10 | File | `/home/httpd/cgi-bin/cgi.cgi` | High
+11 | File | `/login.html` | Medium
+12 | File | `/medical/inventories.php` | High
+13 | File | `/pages.php` | Medium
+14 | File | `/pages/save_user.php` | High
+15 | File | `/patient/doctors.php` | High
+16 | File | `/rom-0` | Low
+17 | File | `/uncpath/` | Medium
+18 | File | `/usr/local/psa/admin/sbin/wrapper` | High
+19 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
+20 | File | `/vloggers_merch/classes/Master.php?f=delete_order` | High
+21 | File | `abm.aspx` | Medium
+22 | ... | ... | ...
 
-There are 150 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 185 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -92,4 +97,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Babar/README.md

@@ -64,4 +64,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BadPatch/README.md

@@ -8,6 +8,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BadPatch:
 
+* [US](https://vuldb.com/?country.us)
 * [DE](https://vuldb.com/?country.de)
 
 ## IOC - Indicator of Compromise
@@ -19,18 +20,27 @@ ID | IP address | Hostname | Campaign | Confidence
 1 | [148.251.135.117](https://vuldb.com/?ip.148.251.135.117) | server.pogled.ba | - | High
 2 | [195.154.216.74](https://vuldb.com/?ip.195.154.216.74) | 195-154-216-74.rev.poneytelecom.eu | - | High
 
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _BadPatch_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1068 | CWE-269 | Execution with Unnecessary Privileges | High
+2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
+
 ## IOA - Indicator of Attack
 
 These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by BadPatch. This data is unique as it uses our predictive model for actor profiling.
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `includes/pages.inc.php` | High
-2 | File | `setup.cgi` | Medium
-3 | Argument | `PagePrefix` | Medium
+1 | File | `/usr/local/sbin/webproject/set_param.cgi` | High
+2 | File | `includes/pages.inc.php` | High
+3 | File | `setup.cgi` | Medium
 4 | ... | ... | ...
 
-There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 2 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -47,4 +57,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bahamas Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [DE](https://vuldb.com/?country.de)
 * ...
 
-There are 18 more country items available. Please use our online service to access the data.
+There are 19 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -45,7 +45,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-22 | Pathname Traversal | High
 2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
@@ -111,9 +111,10 @@ ID | Type | Indicator | Confidence
 52 | File | `auth.php` | Medium
 53 | File | `bin/named/query.c` | High
 54 | File | `blank.php` | Medium
-55 | ... | ... | ...
+55 | File | `blocklayered-ajax.php` | High
+56 | ... | ... | ...
 
-There are 480 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 487 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -130,4 +131,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bahrain Unknown/README.md

@@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [DE](https://vuldb.com/?country.de)
+* [GB](https://vuldb.com/?country.gb)
 * ...
 
-There are 17 more country items available. Please use our online service to access the data.
+There are 21 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -52,9 +52,9 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...
 
@@ -66,72 +66,67 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
-2 | File | `/Admin/add-student.php` | High
-3 | File | `/admin/conferences/list/` | High
-4 | File | `/admin/edit_admin_details.php?id=admin` | High
-5 | File | `/admin/generalsettings.php` | High
-6 | File | `/Admin/login.php` | High
-7 | File | `/admin/payment.php` | High
-8 | File | `/admin/reports.php` | High
-9 | File | `/admin/showbad.php` | High
-10 | File | `/admin_page/all-files-update-ajax.php` | High
-11 | File | `/apilog.php` | Medium
-12 | File | `/bsms/?page=products` | High
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `.htaccess` | Medium
+3 | File | `/Admin/add-student.php` | High
+4 | File | `/admin/api/admin/articles/` | High
+5 | File | `/admin/conferences/list/` | High
+6 | File | `/admin/edit_admin_details.php?id=admin` | High
+7 | File | `/admin/generalsettings.php` | High
+8 | File | `/Admin/login.php` | High
+9 | File | `/admin/payment.php` | High
+10 | File | `/admin/reports.php` | High
+11 | File | `/admin/showbad.php` | High
+12 | File | `/apilog.php` | Medium
 13 | File | `/cgi-bin/kerbynet` | High
-14 | File | `/cgi-bin/system_mgr.cgi` | High
-15 | File | `/cgi-bin/wlogin.cgi` | High
-16 | File | `/cloud_config/router_post/check_reg_verify_code` | High
-17 | File | `/connectors/index.php` | High
-18 | File | `/debug/pprof` | Medium
-19 | File | `/dms/admin/reports/daily_collection_report.php` | High
-20 | File | `/filemanager/php/connector.php` | High
-21 | File | `/forum/away.php` | High
-22 | File | `/include/chart_generator.php` | High
-23 | File | `/index.php` | Medium
-24 | File | `/info.cgi` | Medium
-25 | File | `/Items/*/RemoteImages/Download` | High
-26 | File | `/items/view_item.php` | High
-27 | File | `/lists/admin/` | High
-28 | File | `/MagickCore/image.c` | High
-29 | File | `/manager/index.php` | High
-30 | File | `/medical/inventories.php` | High
-31 | File | `/mgmt/tm/util/bash` | High
-32 | File | `/modules/profile/index.php` | High
-33 | File | `/modules/projects/vw_files.php` | High
-34 | File | `/modules/public/calendar.php` | High
-35 | File | `/modx/manager/index.php` | High
-36 | File | `/newsDia.php` | Medium
-37 | File | `/out.php` | Medium
-38 | File | `/public/launchNewWindow.jsp` | High
-39 | File | `/sacco_shield/manage_user.php` | High
-40 | File | `/siteminderagent/pwcgi/smpwservicescgi.exe` | High
-41 | File | `/spip.php` | Medium
-42 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-43 | File | `/staff/bookdetails.php` | High
-44 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
-45 | File | `/user/update_booking.php` | High
-46 | File | `/usr/bin/pkexec` | High
-47 | File | `/WEB-INF/web.xml` | High
-48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-49 | File | `/Wedding-Management/package_detail.php` | High
-50 | File | `/wordpress/wp-admin/options-general.php` | High
-51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-52 | File | `a2billing/customer/iridium_threed.php` | High
-53 | File | `AdClass.php` | Medium
-54 | File | `adclick.php` | Medium
-55 | File | `add.exe` | Low
-56 | File | `addtocart.asp` | High
-57 | File | `admin.php` | Medium
-58 | File | `admin.php?m=Food&a=addsave` | High
-59 | File | `admin/conf_users_edit.php` | High
-60 | File | `admin/index.php` | High
-61 | File | `admin/limits.php` | High
-62 | File | `admincp.php` | Medium
-63 | File | `admincp/search.php?do=dosearch` | High
-64 | ... | ... | ...
+14 | File | `/cgi-bin/wlogin.cgi` | High
+15 | File | `/connectors/index.php` | High
+16 | File | `/dev/block/mmcblk0rpmb` | High
+17 | File | `/dms/admin/reports/daily_collection_report.php` | High
+18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+19 | File | `/face-recognition-php/facepay-master/camera.php` | High
+20 | File | `/forum/away.php` | High
+21 | File | `/fos/admin/ajax.php?action=login` | High
+22 | File | `/fos/admin/index.php?page=menu` | High
+23 | File | `/hrm/employeeadd.php` | High
+24 | File | `/hrm/employeeview.php` | High
+25 | File | `/index.php` | Medium
+26 | File | `/Items/*/RemoteImages/Download` | High
+27 | File | `/items/view_item.php` | High
+28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+29 | File | `/lists/admin/` | High
+30 | File | `/lookin/info` | Medium
+31 | File | `/MagickCore/image.c` | High
+32 | File | `/manager/index.php` | High
+33 | File | `/medical/inventories.php` | High
+34 | File | `/modules/profile/index.php` | High
+35 | File | `/modules/projects/vw_files.php` | High
+36 | File | `/modules/public/calendar.php` | High
+37 | File | `/newsDia.php` | Medium
+38 | File | `/out.php` | Medium
+39 | File | `/proxy` | Low
+40 | File | `/public/launchNewWindow.jsp` | High
+41 | File | `/Redcock-Farm/farm/category.php` | High
+42 | File | `/reports/rwservlet` | High
+43 | File | `/sacco_shield/manage_user.php` | High
+44 | File | `/spip.php` | Medium
+45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+46 | File | `/staff/bookdetails.php` | High
+47 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
+48 | File | `/user/update_booking.php` | High
+49 | File | `/WEB-INF/web.xml` | High
+50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+51 | File | `/wordpress/wp-admin/options-general.php` | High
+52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+53 | File | `01article.php` | High
+54 | File | `AbstractScheduleJob.java` | High
+55 | File | `actionphp/download.File.php` | High
+56 | File | `AdClass.php` | Medium
+57 | File | `adclick.php` | Medium
+58 | File | `addtocart.asp` | High
+59 | ... | ... | ...
 
-There are 561 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 520 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -148,4 +143,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Baldr/README.md

@@ -10,6 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [NL](https://vuldb.com/?country.nl)
 * [US](https://vuldb.com/?country.us)
+* [RU](https://vuldb.com/?country.ru)
 
 ## IOC - Indicator of Compromise
 
@@ -57,7 +58,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 14 more TTP items available. Please use our online service to access the data.
+There are 15 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -73,29 +74,27 @@ ID | Type | Indicator | Confidence
 6 | File | `/debug/pprof` | Medium
 7 | File | `/export` | Low
 8 | File | `/file?action=download&file` | High
-9 | File | `/medical/inventories.php` | High
-10 | File | `/monitoring` | Medium
-11 | File | `/NAGErrors` | Medium
+9 | File | `/hardware` | Medium
+10 | File | `/medical/inventories.php` | High
+11 | File | `/monitoring` | Medium
 12 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
 13 | File | `/plugin/LiveChat/getChat.json.php` | High
 14 | File | `/plugins/servlet/audit/resource` | High
 15 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
 16 | File | `/replication` | Medium
 17 | File | `/RestAPI` | Medium
-18 | File | `/tmp` | Low
-19 | File | `/tmp/speedtest_urls.xml` | High
-20 | File | `/tmp/zarafa-vacation-*` | High
-21 | File | `/uncpath/` | Medium
-22 | File | `/upload` | Low
+18 | File | `/tmp/speedtest_urls.xml` | High
+19 | File | `/tmp/zarafa-vacation-*` | High
+20 | File | `/uncpath/` | Medium
+21 | File | `/upload` | Low
+22 | File | `/user/loader.php?api=1` | High
 23 | File | `/var/log/nginx` | High
 24 | File | `/var/run/watchman.pid` | High
 25 | File | `/viewer/krpano.html` | High
 26 | File | `/wp-json/oembed/1.0/embed?url` | High
-27 | File | `admin-ajax.php?action=get_wdtable order[0][dir]` | High
-28 | File | `admin\model\catalog\download.php` | High
-29 | ... | ... | ...
+27 | ... | ... | ...
 
-There are 245 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -112,4 +111,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bandook/README.md

@@ -52,22 +52,23 @@ ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/cgi-bin/kerbynet` | High
 2 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
-3 | File | `/domain/add` | Medium
-4 | File | `/etc/sudoers` | Medium
-5 | File | `/index.php/weblinks-categories` | High
-6 | File | `/plain` | Low
-7 | File | `/show_group_members.php` | High
-8 | File | `/web/google_analytics.php` | High
-9 | File | `album_portal.php` | High
-10 | File | `al_initialize.php` | High
-11 | File | `archive_endian.h` | High
-12 | File | `bmp.c` | Low
-13 | File | `cgi-bin/jc.cgi` | High
-14 | File | `checklogin.php` | High
-15 | File | `cmd.exe` | Low
-16 | ... | ... | ...
+3 | File | `/cgi-bin/wlogin.cgi` | High
+4 | File | `/domain/add` | Medium
+5 | File | `/etc/sudoers` | Medium
+6 | File | `/index.php/weblinks-categories` | High
+7 | File | `/plain` | Low
+8 | File | `/show_group_members.php` | High
+9 | File | `/SysInfo.htm` | Medium
+10 | File | `/web/google_analytics.php` | High
+11 | File | `album_portal.php` | High
+12 | File | `al_initialize.php` | High
+13 | File | `archive_endian.h` | High
+14 | File | `bmp.c` | Low
+15 | File | `cgi-bin/jc.cgi` | High
+16 | File | `checklogin.php` | High
+17 | ... | ... | ...
 
-There are 129 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 136 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -85,4 +86,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bangladesh Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [CN](https://vuldb.com/?country.cn)
 * ...
 
-There are 14 more country items available. Please use our online service to access the data.
+There are 21 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -315,31 +315,39 @@ ID | Type | Indicator | Confidence
 12 | File | `/admin/users.php?source=edit_user&id=1` | High
 13 | File | `/administrator/alerts/alertLightbox.php` | High
 14 | File | `/administrator/templates/default/html/windows/right.php` | High
-15 | File | `/apps/acs-commons/content/page-compare.html` | High
-16 | File | `/demo/module/?module=HERE` | High
-17 | File | `/download/set.cgi` | High
+15 | File | `/cgi-bin/webadminget.cgi` | High
+16 | File | `/Default/Bd` | Medium
+17 | File | `/demo/module/?module=HERE` | High
 18 | File | `/downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language` | High
-19 | File | `/dvcset/sysset/set.cgi` | High
-20 | File | `/employeeview.php` | High
-21 | File | `/etc/sudoers` | Medium
-22 | File | `/filemanager/php/connector.php` | High
-23 | File | `/forum/away.php` | High
-24 | File | `/goform/SysToolReboot` | High
-25 | File | `/goform/WifiExtraSet` | High
-26 | File | `/index.php` | Medium
-27 | File | `/index.php?m=admin&c=custom&a=plugindelhandle` | High
-28 | File | `/mkshop/Men/profile.php` | High
-29 | File | `/mngset/authset` | High
-30 | File | `/mobile/downloadfile.aspx` | High
-31 | File | `/net/nfc/netlink.c` | High
-32 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-33 | File | `/outgoing.php` | High
-34 | File | `/php_action/editProductImage.php` | High
-35 | File | `/presale/join` | High
-36 | File | `/public/launchNewWindow.jsp` | High
-37 | ... | ... | ...
+19 | File | `/employeeview.php` | High
+20 | File | `/etc/sudoers` | Medium
+21 | File | `/filemanager/php/connector.php` | High
+22 | File | `/forum/away.php` | High
+23 | File | `/goform/SysToolReboot` | High
+24 | File | `/goform/WifiExtraSet` | High
+25 | File | `/hrm/controller/employee.php` | High
+26 | File | `/hrm/employeeadd.php` | High
+27 | File | `/hrm/employeeview.php` | High
+28 | File | `/index.php` | Medium
+29 | File | `/index.php?m=admin&c=custom&a=plugindelhandle` | High
+30 | File | `/mkshop/Men/profile.php` | High
+31 | File | `/mobile/downloadfile.aspx` | High
+32 | File | `/net/nfc/netlink.c` | High
+33 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+34 | File | `/outgoing.php` | High
+35 | File | `/php_action/editProductImage.php` | High
+36 | File | `/product/savenewproduct.php?flag=1` | High
+37 | File | `/rest/api/1.0/issues/{id}/ActionsAndOperations` | High
+38 | File | `/secure/admin/RestoreDefaults.jspa` | High
+39 | File | `/services/Card/findUser` | High
+40 | File | `/spip.php` | Medium
+41 | File | `/staff/delete.php` | High
+42 | File | `/uncpath/` | Medium
+43 | File | `/var/log/qualys/qualys-cloud-agent-scan.log` | High
+44 | File | `/Videos/Id/hls/PlaylistId/SegmentId.SegmentContainer` | High
+45 | ... | ... | ...
 
-There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -356,4 +364,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Banjori/README.md

@@ -63,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Barbados Unknown/README.md

@@ -58,4 +58,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BeamWinHTTP/README.md

@@ -9,6 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BeamWinHTTP:
 
 * [US](https://vuldb.com/?country.us)
+* [PT](https://vuldb.com/?country.pt)
+* [IT](https://vuldb.com/?country.it)
+* ...
+
+There are 1 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -30,7 +35,7 @@ ID | Technique | Weakness | Description | Confidence
 3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 4 | ... | ... | ... | ...
 
-There are 11 more TTP items available. Please use our online service to access the data.
+There are 13 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -42,96 +47,100 @@ ID | Type | Indicator | Confidence
 2 | File | `/admin.php` | Medium
 3 | File | `/admin/doctors/view_doctor.php` | High
 4 | File | `/admin/modules/bibliography/index.php` | High
-5 | File | `/adminlogin.asp` | High
-6 | File | `/app/controller/Books.php` | High
-7 | File | `/aqpg/users/login.php` | High
-8 | File | `/controller/Index.php` | High
-9 | File | `/coreframe/app/content/admin/content.php` | High
-10 | File | `/dl/dl_print.php` | High
-11 | File | `/etc/master.passwd` | High
-12 | File | `/etc/passwd` | Medium
-13 | File | `/Hospital-Management-System-master/contact.php` | High
-14 | File | `/include/friends.inc.php` | High
-15 | File | `/members/view_member.php` | High
-16 | File | `/servlet/webacc` | High
-17 | File | `/sitemagic/upgrade.php` | High
-18 | File | `/userui/ticket_list.php` | High
-19 | File | `/wp-admin/options-general.php` | High
-20 | File | `/zm/index.php` | High
-21 | File | `abook_database.php` | High
-22 | File | `accounts/inc/include.php` | High
-23 | File | `adaptive-images-script.php` | High
-24 | File | `additem.asp` | Medium
-25 | File | `addtocart.asp` | High
-26 | File | `adherents/subscription/info.php` | High
-27 | File | `admin.asp` | Medium
-28 | File | `admin.php` | Medium
-29 | File | `admin/admin.php` | High
-30 | File | `admin/admin_users.php` | High
-31 | File | `admin/general.php` | High
-32 | File | `admin/header.php` | High
-33 | File | `admin/inc/change_action.php` | High
-34 | File | `admin/index.php` | High
-35 | File | `admin/info.php` | High
-36 | File | `admin/login.asp` | High
-37 | File | `admin/manage-comments.php` | High
-38 | File | `admin/manage-news.php` | High
-39 | File | `admin/plugin-settings.php` | High
-40 | File | `admin/specials.php` | High
-41 | File | `admin:de` | Medium
-42 | File | `admincp/auth/checklogin.php` | High
-43 | File | `admincp/auth/secure.php` | High
-44 | File | `administrator/components/com_media/helpers/media.php` | High
-45 | File | `administrator/index.php` | High
-46 | File | `admin_login.asp` | High
-47 | File | `adv_search.asp` | High
-48 | File | `ajax_url.php` | Medium
-49 | File | `album_portal.php` | High
-50 | File | `al_initialize.php` | High
-51 | File | `anjel.index.php` | High
-52 | File | `annonces-p-f.php` | High
-53 | File | `announce.php` | Medium
-54 | File | `announcement.php` | High
-55 | File | `announcements.php` | High
-56 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
-57 | File | `application/config/config.php` | High
-58 | File | `apply.cgi` | Medium
-59 | File | `apps/app_article/controller/rating.php` | High
-60 | File | `article.php` | Medium
-61 | File | `articles.php` | Medium
-62 | File | `artikel_anzeige.php` | High
-63 | File | `auktion.cgi` | Medium
-64 | File | `auth.php` | Medium
-65 | File | `authfiles/login.asp` | High
-66 | File | `basket.php` | Medium
-67 | File | `boardData103.php/boardDataJP.php/boardDataNA.php/boardDataWW.php` | High
-68 | File | `books.php` | Medium
-69 | File | `browse-category.php` | High
-70 | File | `browse.php` | Medium
-71 | File | `browse_videos.php` | High
-72 | File | `BrudaNews/BrudaGB` | High
-73 | File | `bwlist_inc.html` | High
-74 | File | `calendar.php` | Medium
-75 | File | `callme_page.php` | High
-76 | File | `cart.php` | Medium
-77 | File | `cart_add.php` | Medium
-78 | File | `case.filemanager.php` | High
-79 | File | `catalog.php` | Medium
-80 | File | `catalogshop.php` | High
-81 | File | `catalogue.asp` | High
-82 | File | `category.cfm` | Medium
-83 | File | `category.php` | Medium
-84 | File | `category_list.php` | High
-85 | File | `cgi-bin/awstats.pl` | High
-86 | File | `channel.asp` | Medium
-87 | File | `ChooseCpSearch.php` | High
-88 | File | `comentarii.php` | High
-89 | File | `comments.php` | Medium
-90 | File | `config.inc.php` | High
-91 | File | `config.php` | Medium
-92 | ... | ... | ...
+5 | File | `/admin/students/manage.php` | High
+6 | File | `/adminlogin.asp` | High
+7 | File | `/app/controller/Books.php` | High
+8 | File | `/aqpg/users/login.php` | High
+9 | File | `/controller/Index.php` | High
+10 | File | `/coreframe/app/content/admin/content.php` | High
+11 | File | `/dev/audio` | Medium
+12 | File | `/dl/dl_print.php` | High
+13 | File | `/etc/crash` | Medium
+14 | File | `/etc/master.passwd` | High
+15 | File | `/etc/passwd` | Medium
+16 | File | `/goform/AddSysLogRule` | High
+17 | File | `/goform/WifiBasicSet` | High
+18 | File | `/Hospital-Management-System-master/contact.php` | High
+19 | File | `/include/friends.inc.php` | High
+20 | File | `/index.php?module=configuration/application` | High
+21 | File | `/members/view_member.php` | High
+22 | File | `/services/view_service.php` | High
+23 | File | `/servlet/webacc` | High
+24 | File | `/sitemagic/upgrade.php` | High
+25 | File | `/userui/ticket_list.php` | High
+26 | File | `/usr/5bin/su` | Medium
+27 | File | `/wp-admin/options-general.php` | High
+28 | File | `/zm/index.php` | High
+29 | File | `1.x/src/rogatkin/web/WarRoller.java` | High
+30 | File | `abook_database.php` | High
+31 | File | `accounts/inc/include.php` | High
+32 | File | `adaptive-images-script.php` | High
+33 | File | `additem.asp` | Medium
+34 | File | `addtocart.asp` | High
+35 | File | `adherents/subscription/info.php` | High
+36 | File | `admin.asp` | Medium
+37 | File | `admin.php` | Medium
+38 | File | `admin/admin.php` | High
+39 | File | `admin/admin_users.php` | High
+40 | File | `admin/article_save.php` | High
+41 | File | `admin/general.php` | High
+42 | File | `admin/header.php` | High
+43 | File | `admin/inc/change_action.php` | High
+44 | File | `admin/index.php` | High
+45 | File | `admin/info.php` | High
+46 | File | `admin/login.asp` | High
+47 | File | `admin/manage-comments.php` | High
+48 | File | `admin/manage-news.php` | High
+49 | File | `admin/plugin-settings.php` | High
+50 | File | `admin/specials.php` | High
+51 | File | `admin:de` | Medium
+52 | File | `admincp/auth/checklogin.php` | High
+53 | File | `admincp/auth/secure.php` | High
+54 | File | `administrator/components/com_media/helpers/media.php` | High
+55 | File | `administrator/index.php` | High
+56 | File | `admin_login.asp` | High
+57 | File | `adv_search.asp` | High
+58 | File | `ajax_url.php` | Medium
+59 | File | `album_portal.php` | High
+60 | File | `al_initialize.php` | High
+61 | File | `anjel.index.php` | High
+62 | File | `annonces-p-f.php` | High
+63 | File | `announce.php` | Medium
+64 | File | `announcement.php` | High
+65 | File | `announcements.php` | High
+66 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
+67 | File | `application/config/config.php` | High
+68 | File | `application/controllers/basedata/inventory.php` | High
+69 | File | `apply.cgi` | Medium
+70 | File | `apps/app_article/controller/rating.php` | High
+71 | File | `article.php` | Medium
+72 | File | `articles.php` | Medium
+73 | File | `artikel_anzeige.php` | High
+74 | File | `auktion.cgi` | Medium
+75 | File | `auth.php` | Medium
+76 | File | `authfiles/login.asp` | High
+77 | File | `basket.php` | Medium
+78 | File | `books.php` | Medium
+79 | File | `browse-category.php` | High
+80 | File | `browse.php` | Medium
+81 | File | `browse_videos.php` | High
+82 | File | `BrudaNews/BrudaGB` | High
+83 | File | `bwlist_inc.html` | High
+84 | File | `calendar.php` | Medium
+85 | File | `callme_page.php` | High
+86 | File | `cart.php` | Medium
+87 | File | `cart_add.php` | Medium
+88 | File | `case.filemanager.php` | High
+89 | File | `catalog.php` | Medium
+90 | File | `catalogshop.php` | High
+91 | File | `catalogue.asp` | High
+92 | File | `category.cfm` | Medium
+93 | File | `category.php` | Medium
+94 | File | `category_list.php` | High
+95 | File | `cgi-bin/awstats.pl` | High
+96 | ... | ... | ...
 
-There are 814 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 844 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -148,4 +157,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Beastmode/README.md

@@ -27,6 +27,14 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1059.007 | CWE-79 | Cross Site Scripting | High
 
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Beastmode. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | Argument | `Name` | Low
+
 ## References
 
 The following list contains _external sources_ which discuss the actor and the associated activities:
@@ -42,4 +50,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Belarus Unknown/README.md

@@ -104,4 +104,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BelialDemon/README.md

@@ -68,4 +68,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Belize Unknown/README.md

@@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [DE](https://vuldb.com/?country.de)
+* [GB](https://vuldb.com/?country.gb)
 * ...
 
-There are 20 more country items available. Please use our online service to access the data.
+There are 23 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -65,11 +65,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
+2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...
 
 There are 18 more TTP items available. Please use our online service to access the data.
 
@@ -79,67 +80,68 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
-2 | File | `/Admin/add-student.php` | High
-3 | File | `/admin/conferences/list/` | High
-4 | File | `/admin/edit_admin_details.php?id=admin` | High
-5 | File | `/admin/generalsettings.php` | High
-6 | File | `/Admin/login.php` | High
-7 | File | `/admin/payment.php` | High
-8 | File | `/admin/reports.php` | High
-9 | File | `/admin/showbad.php` | High
-10 | File | `/admin_page/all-files-update-ajax.php` | High
-11 | File | `/apilog.php` | Medium
-12 | File | `/bsms/?page=products` | High
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `.htaccess` | Medium
+3 | File | `/Admin/add-student.php` | High
+4 | File | `/admin/api/admin/articles/` | High
+5 | File | `/admin/conferences/list/` | High
+6 | File | `/admin/edit_admin_details.php?id=admin` | High
+7 | File | `/admin/generalsettings.php` | High
+8 | File | `/Admin/login.php` | High
+9 | File | `/admin/payment.php` | High
+10 | File | `/admin/reports.php` | High
+11 | File | `/admin/showbad.php` | High
+12 | File | `/apilog.php` | Medium
 13 | File | `/cgi-bin/kerbynet` | High
-14 | File | `/cgi-bin/system_mgr.cgi` | High
-15 | File | `/cgi-bin/wlogin.cgi` | High
-16 | File | `/cloud_config/router_post/check_reg_verify_code` | High
-17 | File | `/connectors/index.php` | High
-18 | File | `/debug/pprof` | Medium
-19 | File | `/dms/admin/reports/daily_collection_report.php` | High
-20 | File | `/forum/away.php` | High
-21 | File | `/hrm/employeeadd.php` | High
-22 | File | `/include/chart_generator.php` | High
-23 | File | `/index.php` | Medium
-24 | File | `/info.cgi` | Medium
+14 | File | `/cgi-bin/wlogin.cgi` | High
+15 | File | `/connectors/index.php` | High
+16 | File | `/dev/block/mmcblk0rpmb` | High
+17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+18 | File | `/face-recognition-php/facepay-master/camera.php` | High
+19 | File | `/forum/away.php` | High
+20 | File | `/fos/admin/ajax.php?action=login` | High
+21 | File | `/fos/admin/index.php?page=menu` | High
+22 | File | `/hrm/employeeadd.php` | High
+23 | File | `/hrm/employeeview.php` | High
+24 | File | `/index.php` | Medium
 25 | File | `/Items/*/RemoteImages/Download` | High
 26 | File | `/items/view_item.php` | High
-27 | File | `/lists/admin/` | High
-28 | File | `/lookin/info` | Medium
-29 | File | `/MagickCore/image.c` | High
-30 | File | `/manager/index.php` | High
-31 | File | `/medical/inventories.php` | High
-32 | File | `/mgmt/tm/util/bash` | High
+27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+28 | File | `/lists/admin/` | High
+29 | File | `/lookin/info` | Medium
+30 | File | `/MagickCore/image.c` | High
+31 | File | `/manager/index.php` | High
+32 | File | `/medical/inventories.php` | High
 33 | File | `/modules/profile/index.php` | High
 34 | File | `/modules/projects/vw_files.php` | High
 35 | File | `/modules/public/calendar.php` | High
 36 | File | `/newsDia.php` | Medium
 37 | File | `/out.php` | Medium
-38 | File | `/public/launchNewWindow.jsp` | High
-39 | File | `/Redcock-Farm/farm/category.php` | High
-40 | File | `/sacco_shield/manage_user.php` | High
-41 | File | `/spip.php` | Medium
-42 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-43 | File | `/staff/bookdetails.php` | High
-44 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
-45 | File | `/user/update_booking.php` | High
-46 | File | `/usr/bin/pkexec` | High
-47 | File | `/WEB-INF/web.xml` | High
-48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-49 | File | `/Wedding-Management/package_detail.php` | High
-50 | File | `/wordpress/wp-admin/options-general.php` | High
-51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-52 | File | `a2billing/customer/iridium_threed.php` | High
-53 | File | `AdClass.php` | Medium
-54 | File | `adclick.php` | Medium
-55 | File | `add.exe` | Low
-56 | File | `addtocart.asp` | High
-57 | File | `admin.php` | Medium
-58 | File | `admin.php?m=Food&a=addsave` | High
-59 | ... | ... | ...
+38 | File | `/proxy` | Low
+39 | File | `/public/launchNewWindow.jsp` | High
+40 | File | `/Redcock-Farm/farm/category.php` | High
+41 | File | `/reports/rwservlet` | High
+42 | File | `/sacco_shield/manage_user.php` | High
+43 | File | `/spip.php` | Medium
+44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+45 | File | `/staff/bookdetails.php` | High
+46 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
+47 | File | `/user/update_booking.php` | High
+48 | File | `/var/log/nginx` | High
+49 | File | `/WEB-INF/web.xml` | High
+50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+51 | File | `/wordpress/wp-admin/options-general.php` | High
+52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+53 | File | `01article.php` | High
+54 | File | `AbstractScheduleJob.java` | High
+55 | File | `actionphp/download.File.php` | High
+56 | File | `AdClass.php` | Medium
+57 | File | `adclick.php` | Medium
+58 | File | `addtocart.asp` | High
+59 | File | `admin.php` | Medium
+60 | ... | ... | ...
 
-There are 520 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 523 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -156,4 +158,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Benin Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...
 
-There are 15 more country items available. Please use our online service to access the data.
+There are 16 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -86,9 +86,10 @@ ID | Type | Indicator | Confidence
 30 | File | `album_portal.php` | High
 31 | File | `api.php` | Low
 32 | File | `app/api/cms/user.py` | High
-33 | ... | ... | ...
+33 | File | `application/home/controller/debug.php` | High
+34 | ... | ... | ...
 
-There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -105,4 +106,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bermuda Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [DE](https://vuldb.com/?country.de)
 * ...
 
-There are 20 more country items available. Please use our online service to access the data.
+There are 21 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-22 | Pathname Traversal | High
 2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
@@ -111,9 +111,10 @@ ID | Type | Indicator | Confidence
 50 | File | `bin/named/query.c` | High
 51 | File | `blank.php` | Medium
 52 | File | `blocklayered-ajax.php` | High
-53 | ... | ... | ...
+53 | File | `bluegate_seo.inc.php` | High
+54 | ... | ... | ...
 
-There are 464 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 471 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -130,4 +131,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bigviktor/README.md

@@ -34,4 +34,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bistromath/README.md

@@ -18,18 +18,31 @@ ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [159.100.250.231](https://vuldb.com/?ip.159.100.250.231) | - | - | High
 
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Bistromath_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1202 | CWE-78 | Command Injection | High
+3 | T1505 | CWE-89 | SQL Injection | High
+4 | ... | ... | ... | ...
+
+There are 1 more TTP items available. Please use our online service to access the data.
+
 ## IOA - Indicator of Attack
 
 These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Bistromath. This data is unique as it uses our predictive model for actor profiling.
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `admin/login.asp` | High
-2 | File | `cat.php` | Low
-3 | Argument | `CatID` | Low
+1 | File | `/app/register.php` | High
+2 | File | `admin/login.asp` | High
+3 | File | `cat.php` | Low
 4 | ... | ... | ...
 
-There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -46,4 +59,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Black Vine/README.md

@@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BlackByte/README.md

@@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BlackNet/README.md

@@ -10,6 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [NL](https://vuldb.com/?country.nl)
+* [RU](https://vuldb.com/?country.ru)
 
 ## IOC - Indicator of Compromise
 
@@ -30,8 +31,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1059.007 | CWE-79 | Cross Site Scripting | High
-2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 4 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -61,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Blackshades/README.md

@@ -33,4 +33,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bladabindi/README.md

@@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BlankSlate/README.md

@@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bolivia Unknown/README.md

@@ -84,4 +84,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bondnet/README.md

@@ -33,9 +33,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1059.007 | CWE-80 | Cross Site Scripting | High
-2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | High
-3 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
+1 | T1059 | CWE-94 | Cross Site Scripting | High
+2 | T1059.007 | CWE-80 | Cross Site Scripting | High
+3 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
+4 | ... | ... | ... | ...
+
+There are 5 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -43,12 +46,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `awstats.pl` | Medium
-2 | File | `class.showtime2_image.php` | High
-3 | File | `data/gbconfiguration.dat` | High
+1 | File | `/x_program_center/jaxrs/invoke` | High
+2 | File | `awstats.pl` | Medium
+3 | File | `class.showtime2_image.php` | High
 4 | ... | ... | ...
 
-There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -65,4 +68,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bookworm/README.md

@@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bosnia and Herzegovina Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [DE](https://vuldb.com/?country.de)
 * ...
 
-There are 20 more country items available. Please use our online service to access the data.
+There are 21 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -73,11 +73,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
+2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...
 
 There are 18 more TTP items available. Please use our online service to access the data.
 
@@ -87,66 +88,65 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
-2 | File | `/Admin/add-student.php` | High
-3 | File | `/admin/conferences/list/` | High
-4 | File | `/admin/edit_admin_details.php?id=admin` | High
-5 | File | `/admin/generalsettings.php` | High
-6 | File | `/Admin/login.php` | High
-7 | File | `/admin/payment.php` | High
-8 | File | `/admin/reports.php` | High
-9 | File | `/admin/showbad.php` | High
-10 | File | `/admin_page/all-files-update-ajax.php` | High
-11 | File | `/apilog.php` | Medium
-12 | File | `/bsms/?page=products` | High
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `.htaccess` | Medium
+3 | File | `/Admin/add-student.php` | High
+4 | File | `/admin/api/admin/articles/` | High
+5 | File | `/admin/conferences/list/` | High
+6 | File | `/admin/edit_admin_details.php?id=admin` | High
+7 | File | `/admin/generalsettings.php` | High
+8 | File | `/Admin/login.php` | High
+9 | File | `/admin/payment.php` | High
+10 | File | `/admin/reports.php` | High
+11 | File | `/admin/showbad.php` | High
+12 | File | `/apilog.php` | Medium
 13 | File | `/cgi-bin/kerbynet` | High
-14 | File | `/cgi-bin/system_mgr.cgi` | High
-15 | File | `/cgi-bin/wlogin.cgi` | High
-16 | File | `/cloud_config/router_post/check_reg_verify_code` | High
-17 | File | `/connectors/index.php` | High
-18 | File | `/debug/pprof` | Medium
-19 | File | `/dms/admin/reports/daily_collection_report.php` | High
-20 | File | `/forum/away.php` | High
-21 | File | `/include/chart_generator.php` | High
-22 | File | `/index.php` | Medium
-23 | File | `/info.cgi` | Medium
-24 | File | `/Items/*/RemoteImages/Download` | High
-25 | File | `/items/view_item.php` | High
-26 | File | `/lists/admin/` | High
-27 | File | `/MagickCore/image.c` | High
-28 | File | `/manager/index.php` | High
-29 | File | `/medical/inventories.php` | High
-30 | File | `/mgmt/tm/util/bash` | High
-31 | File | `/modules/profile/index.php` | High
-32 | File | `/modules/projects/vw_files.php` | High
-33 | File | `/modules/public/calendar.php` | High
-34 | File | `/newsDia.php` | Medium
-35 | File | `/out.php` | Medium
-36 | File | `/public/launchNewWindow.jsp` | High
-37 | File | `/sacco_shield/manage_user.php` | High
-38 | File | `/spip.php` | Medium
-39 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-40 | File | `/staff/bookdetails.php` | High
-41 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
-42 | File | `/user/update_booking.php` | High
-43 | File | `/usr/bin/pkexec` | High
-44 | File | `/WEB-INF/web.xml` | High
-45 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-46 | File | `/Wedding-Management/package_detail.php` | High
-47 | File | `/wordpress/wp-admin/options-general.php` | High
-48 | File | `/wp-admin/admin-ajax.php` | High
-49 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-50 | File | `a2billing/customer/iridium_threed.php` | High
-51 | File | `AdClass.php` | Medium
-52 | File | `adclick.php` | Medium
-53 | File | `add.exe` | Low
-54 | File | `addtocart.asp` | High
-55 | File | `admin.php` | Medium
-56 | File | `admin.php?m=Food&a=addsave` | High
-57 | File | `admin/conf_users_edit.php` | High
-58 | ... | ... | ...
+14 | File | `/cgi-bin/wlogin.cgi` | High
+15 | File | `/connectors/index.php` | High
+16 | File | `/dev/block/mmcblk0rpmb` | High
+17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+18 | File | `/face-recognition-php/facepay-master/camera.php` | High
+19 | File | `/forum/away.php` | High
+20 | File | `/fos/admin/ajax.php?action=login` | High
+21 | File | `/fos/admin/index.php?page=menu` | High
+22 | File | `/hrm/employeeadd.php` | High
+23 | File | `/hrm/employeeview.php` | High
+24 | File | `/index.php` | Medium
+25 | File | `/Items/*/RemoteImages/Download` | High
+26 | File | `/items/view_item.php` | High
+27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+28 | File | `/lookin/info` | Medium
+29 | File | `/MagickCore/image.c` | High
+30 | File | `/manager/index.php` | High
+31 | File | `/medical/inventories.php` | High
+32 | File | `/modules/profile/index.php` | High
+33 | File | `/modules/projects/vw_files.php` | High
+34 | File | `/modules/public/calendar.php` | High
+35 | File | `/newsDia.php` | Medium
+36 | File | `/out.php` | Medium
+37 | File | `/proxy` | Low
+38 | File | `/public/launchNewWindow.jsp` | High
+39 | File | `/Redcock-Farm/farm/category.php` | High
+40 | File | `/reports/rwservlet` | High
+41 | File | `/sacco_shield/manage_user.php` | High
+42 | File | `/spip.php` | Medium
+43 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+44 | File | `/staff/bookdetails.php` | High
+45 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
+46 | File | `/user/update_booking.php` | High
+47 | File | `/WEB-INF/web.xml` | High
+48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+49 | File | `/wordpress/wp-admin/options-general.php` | High
+50 | File | `/wp-admin/admin-ajax.php` | High
+51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+52 | File | `01article.php` | High
+53 | File | `AbstractScheduleJob.java` | High
+54 | File | `actionphp/download.File.php` | High
+55 | File | `AdClass.php` | Medium
+56 | File | `adclick.php` | Medium
+57 | ... | ... | ...
 
-There are 505 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 501 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -163,4 +163,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bouvet Island Unknown/README.md

@@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Brata/README.md

@@ -8,6 +8,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Brata:
 
+* [US](https://vuldb.com/?country.us)
 * [RU](https://vuldb.com/?country.ru)
 
 ## IOC - Indicator of Compromise
@@ -18,6 +19,7 @@ ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [51.83.225.224](https://vuldb.com/?ip.51.83.225.224) | - | - | High
 2 | [51.83.251.214](https://vuldb.com/?ip.51.83.251.214) | - | - | High
+3 | [152.89.247.159](https://vuldb.com/?ip.152.89.247.159) | - | - | High
 
 ## TTP - Tactics, Techniques, Procedures
 
@@ -31,6 +33,7 @@ ID | Technique | Weakness | Description | Confidence
 
 The following list contains _external sources_ which discuss the actor and the associated activities:
 
+* https://blog.cyble.com/2022/07/21/amextroll-android-banking-trojan-spotted-in-the-wild/
 * https://community.blueliv.com/#!/s/62b0155982df417ed03311f0
 
 ## Literature
@@ -42,4 +45,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Brazil Unknown/README.md

@@ -15,11 +15,11 @@ The following _campaigns_ are known and can be associated with Brazil Unknown:
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Brazil Unknown:
 
 * [US](https://vuldb.com/?country.us)
-* [CN](https://vuldb.com/?country.cn)
 * [BR](https://vuldb.com/?country.br)
+* [CN](https://vuldb.com/?country.cn)
 * ...
 
-There are 17 more country items available. Please use our online service to access the data.
+There are 22 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -933,12 +933,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
-2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
-3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 17 more TTP items available. Please use our online service to access the data.
+There are 18 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -946,62 +946,69 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.php.gif` | Medium
-2 | File | `/Admin/add-student.php` | High
-3 | File | `/admin/js` | Medium
-4 | File | `/Admin/login.php` | High
-5 | File | `/admin/showbad.php` | High
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `.php.gif` | Medium
+3 | File | `/Admin/add-student.php` | High
+4 | File | `/admin/api/admin/articles/` | High
+5 | File | `/Admin/login.php` | High
 6 | File | `/admin/submit-articles` | High
 7 | File | `/apilog.php` | Medium
 8 | File | `/cgi-bin/wlogin.cgi` | High
 9 | File | `/connectors/index.php` | High
 10 | File | `/Default/Bd` | Medium
-11 | File | `/employeeview.php` | High
-12 | File | `/fhconf/umconfig.txt` | High
-13 | File | `/forum/away.php` | High
-14 | File | `/hrm/controller/employee.php` | High
-15 | File | `/hrm/employeeadd.php` | High
-16 | File | `/hrm/employeeview.php` | High
-17 | File | `/index.php` | Medium
-18 | File | `/items/view_item.php` | High
-19 | File | `/lookin/info` | Medium
-20 | File | `/manager/index.php` | High
-21 | File | `/medical/inventories.php` | High
-22 | File | `/mkshop/Men/profile.php` | High
-23 | File | `/modules/profile/index.php` | High
-24 | File | `/modules/projects/vw_files.php` | High
-25 | File | `/modules/public/calendar.php` | High
-26 | File | `/newsDia.php` | Medium
-27 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-28 | File | `/out.php` | Medium
-29 | File | `/php_action/editProductImage.php` | High
-30 | File | `/public/launchNewWindow.jsp` | High
-31 | File | `/Redcock-Farm/farm/category.php` | High
-32 | File | `/sacco_shield/manage_user.php` | High
-33 | File | `/spip.php` | Medium
-34 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-35 | File | `/staff/bookdetails.php` | High
-36 | File | `/uncpath/` | Medium
-37 | File | `/user/update_booking.php` | High
-38 | File | `/var/log/qualys/qualys-cloud-agent-scan.log` | High
-39 | File | `/WEB-INF/web.xml` | High
-40 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-41 | File | `/wordpress/wp-admin/options-general.php` | High
-42 | File | `/wp-content/plugins/updraftplus/admin.php` | High
-43 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-44 | File | `adclick.php` | Medium
-45 | File | `addtocart.asp` | High
-46 | File | `admin.php` | Medium
-47 | File | `admin/conf_users_edit.php` | High
-48 | File | `admincp.php` | Medium
-49 | File | `admincp/search.php?do=dosearch` | High
-50 | File | `ajax_invoice.php` | High
-51 | File | `album_portal.php` | High
-52 | File | `analyzer/protocol/dnp3/DNP3.cc` | High
-53 | File | `Ap4BitStream.cpp` | High
-54 | ... | ... | ...
+11 | File | `/dev/block/mmcblk0rpmb` | High
+12 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+13 | File | `/employeeview.php` | High
+14 | File | `/face-recognition-php/facepay-master/camera.php` | High
+15 | File | `/forum/away.php` | High
+16 | File | `/fos/admin/ajax.php?action=login` | High
+17 | File | `/fos/admin/index.php?page=menu` | High
+18 | File | `/hrm/controller/employee.php` | High
+19 | File | `/hrm/employeeadd.php` | High
+20 | File | `/hrm/employeeview.php` | High
+21 | File | `/index.php` | Medium
+22 | File | `/items/view_item.php` | High
+23 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+24 | File | `/lookin/info` | Medium
+25 | File | `/manager/index.php` | High
+26 | File | `/medical/inventories.php` | High
+27 | File | `/modules/profile/index.php` | High
+28 | File | `/modules/projects/vw_files.php` | High
+29 | File | `/modules/public/calendar.php` | High
+30 | File | `/newsDia.php` | Medium
+31 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+32 | File | `/out.php` | Medium
+33 | File | `/php/` | Low
+34 | File | `/php_action/editProductImage.php` | High
+35 | File | `/product/savenewproduct.php?flag=1` | High
+36 | File | `/proxy` | Low
+37 | File | `/Redcock-Farm/farm/category.php` | High
+38 | File | `/reports/rwservlet` | High
+39 | File | `/sacco_shield/manage_user.php` | High
+40 | File | `/services/Card/findUser` | High
+41 | File | `/spip.php` | Medium
+42 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+43 | File | `/staff/bookdetails.php` | High
+44 | File | `/uncpath/` | Medium
+45 | File | `/user/update_booking.php` | High
+46 | File | `/var/log/qualys/qualys-cloud-agent-scan.log` | High
+47 | File | `/view-property.php` | High
+48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+49 | File | `/wordpress/wp-admin/options-general.php` | High
+50 | File | `/wp-content/plugins/updraftplus/admin.php` | High
+51 | File | `01article.php` | High
+52 | File | `AbstractScheduleJob.java` | High
+53 | File | `actionphp/download.File.php` | High
+54 | File | `adclick.php` | Medium
+55 | File | `addtocart.asp` | High
+56 | File | `admin.php` | Medium
+57 | File | `admin/conf_users_edit.php` | High
+58 | File | `admin/login.php` | High
+59 | File | `admin/panels/entry/admin.entry.list.php` | High
+60 | File | `admin/panels/uploader/admin.uploader.php` | High
+61 | ... | ... | ...
 
-There are 471 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 537 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -1022,4 +1029,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bredolab/README.md

@@ -33,4 +33,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Brunei Unknown/README.md

@@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Brunei Unknown:
 
 * [US](https://vuldb.com/?country.us)
-* [CN](https://vuldb.com/?country.cn)
 * [JP](https://vuldb.com/?country.jp)
+* [CN](https://vuldb.com/?country.cn)
 * ...
 
-There are 22 more country items available. Please use our online service to access the data.
+There are 24 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -45,7 +45,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
 2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
 6 | ... | ... | ... | ...
@@ -110,11 +110,9 @@ ID | Type | Indicator | Confidence
 50 | File | `administrator/index.php` | High
 51 | File | `administrator/mail/download.cfm` | High
 52 | File | `AdminUpdateController.class.php` | High
-53 | File | `admin_main.php` | High
-54 | File | `Advanced_ASUSDDNS_Content.asp` | High
-55 | ... | ... | ...
+53 | ... | ... | ...
 
-There are 477 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 464 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -131,4 +129,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Brunhilda/README.md

@@ -62,4 +62,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Brushaloader/README.md

@@ -37,7 +37,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 5 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -68,4 +73,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BuerLoader/README.md

@@ -9,6 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BuerLoader:
 
 * [US](https://vuldb.com/?country.us)
+* [RU](https://vuldb.com/?country.ru)
+* [CH](https://vuldb.com/?country.ch)
 
 ## IOC - Indicator of Compromise
 
@@ -16,7 +18,21 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [142.93.102.244](https://vuldb.com/?ip.142.93.102.244) | dev.dotyeti.com | - | High
+1 | [104.248.83.13](https://vuldb.com/?ip.104.248.83.13) | - | - | High
+2 | [142.93.102.244](https://vuldb.com/?ip.142.93.102.244) | dev.dotyeti.com | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _BuerLoader_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1055 | CWE-74 | Injection | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 5 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -24,13 +40,19 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `article.php` | Medium
-2 | Argument | `id` | Low
+1 | File | `/backups/` | Medium
+2 | File | `/cgi-bin/editBookmark` | High
+3 | File | `/goform/RgDdns` | High
+4 | File | `/goform/RgDhcp` | High
+5 | ... | ... | ...
+
+There are 28 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
 The following list contains _external sources_ which discuss the actor and the associated activities:
 
+* https://community.blueliv.com/#!/s/5f9a80db82df413eb23523b7
 * https://github.com/executemalware/Malware-IOCs/blob/main/2021-08-19%20BuerLoader%20IOCs
 
 ## Literature
@@ -42,4 +64,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/BuffetLine/README.md

@@ -28,4 +28,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bulgaria Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...
 
-There are 17 more country items available. Please use our online service to access the data.
+There are 22 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -270,11 +270,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-37 | Pathname Traversal | High
-2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
-4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-35 | Pathname Traversal | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...
 
 There are 19 more TTP items available. Please use our online service to access the data.
@@ -285,67 +285,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `%PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates` | High
-2 | File | `.php.gif` | Medium
-3 | File | `/action/iperf` | High
-4 | File | `/action/wirelessConnect` | High
-5 | File | `/Admin/add-student.php` | High
-6 | File | `/admin/delete.php` | High
-7 | File | `/Admin/login.php` | High
-8 | File | `/admin/settings/fields` | High
-9 | File | `/admin/sign/out` | High
-10 | File | `/admin/submit-articles` | High
-11 | File | `/api/discoveries/` | High
-12 | File | `/api/v1/attack` | High
-13 | File | `/api/v1/attack/falco` | High
-14 | File | `/api/v1/attack/token` | High
-15 | File | `/api/v1/bait/set` | High
-16 | File | `/api/v1/chat.getThreadsList` | High
-17 | File | `/api/v2/open/rowsInfo` | High
-18 | File | `/api/v2/open/tablesInfo` | High
-19 | File | `/apilog.php` | Medium
-20 | File | `/bin/proc.cgi` | High
-21 | File | `/buspassms/download-pass.php` | High
-22 | File | `/category.php` | High
-23 | File | `/cgi-bin/wlogin.cgi` | High
-24 | File | `/changePassword` | High
-25 | File | `/cnr` | Low
-26 | File | `/connectors/index.php` | High
-27 | File | `/Core/Ap4File.cpp` | High
-28 | File | `/csms/admin/?page=user/manage_user` | High
-29 | File | `/depotHead/list` | High
-30 | File | `/ebics-server/ebics.aspx` | High
-31 | File | `/employeeview.php` | High
-32 | File | `/etc/version` | Medium
-33 | File | `/forum/away.php` | High
-34 | File | `/goform/fast_setting_wifi_set` | High
-35 | File | `/goform/form2WizardStep4` | High
-36 | File | `/goform/formSetClientState` | High
-37 | File | `/goform/fromSetIpMacBind` | High
-38 | File | `/goform/openSchedWifi/` | High
-39 | File | `/goform/PowerSaveSet` | High
-40 | File | `/goform/setDebugCfg/` | High
-41 | File | `/goform/SetNetControlList` | High
-42 | File | `/h/compose` | Medium
-43 | File | `/index.asp` | Medium
-44 | File | `/index.php` | Medium
-45 | File | `/items/view_item.php` | High
-46 | File | `/jsoa/hntdCustomDesktopActionContent` | High
-47 | File | `/live/GLOBALS` | High
-48 | File | `/login` | Low
-49 | File | `/manager/index.php` | High
-50 | File | `/medical/inventories.php` | High
-51 | File | `/membership_passwordReset.php` | High
-52 | File | `/modules/profile/index.php` | High
-53 | File | `/modules/projects/vw_files.php` | High
-54 | File | `/modules/public/calendar.php` | High
-55 | File | `/newsDia.php` | Medium
-56 | File | `/omos/admin/?page=user/list` | High
-57 | File | `/opt/axess/etc/default/axess` | High
-58 | File | `/opt/axess/var/blobstorage/` | High
-59 | ... | ... | ...
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `//` | Low
+3 | File | `/dev/block/mmcblk0rpmb` | High
+4 | File | `/forum/away.php` | High
+5 | File | `/fos/admin/ajax.php?action=login` | High
+6 | File | `/fos/admin/index.php?page=menu` | High
+7 | File | `/login/index.php` | High
+8 | File | `/output/outdbg.c` | High
+9 | File | `/output/outieee.c` | High
+10 | File | `/password/reset` | High
+11 | File | `/ptippage.cgi` | High
+12 | File | `/ptipupgrade.cgi` | High
+13 | File | `/reports/rwservlet` | High
+14 | File | `/royal_event/userregister.php` | High
+15 | File | `/u/username.json` | High
+16 | File | `01article.php` | High
+17 | File | `admin/abc.php` | High
+18 | File | `admin/admin/adminsave.html` | High
+19 | File | `admin/approve_user.php` | High
+20 | File | `admin/conf_users_edit.php` | High
+21 | File | `admin/expense_report.php` | High
+22 | File | `admin/forget_password.php` | High
+23 | File | `admin/make_payments.php` | High
+24 | File | `admin/manage_user.php` | High
+25 | File | `admin/page-login.php` | High
+26 | File | `admin/panels/entry/admin.entry.list.php` | High
+27 | File | `admin/panels/uploader/admin.uploader.php` | High
+28 | File | `administers` | Medium
+29 | File | `admin_class.php` | High
+30 | File | `agent/listener/templates/tail.html` | High
+31 | File | `ajax_invoice.php` | High
+32 | File | `announce.php` | Medium
+33 | File | `api.php` | Low
+34 | File | `api/?api=add_server` | High
+35 | File | `app.py` | Low
+36 | File | `app/api/songs.py` | High
+37 | File | `app/business/impl/ReviewServiceImpl.java` | High
+38 | File | `app/controllers/code_caller_controller.php` | High
+39 | File | `app/controllers/curupira/passwords_controller.rb` | High
+40 | File | `app/controllers/geopoll_controller.rb` | High
+41 | File | `app/controllers/image_controller.rb` | High
+42 | File | `app/controllers/oauth.js` | High
+43 | File | `app/filters.php` | High
+44 | File | `application/controllers/timedtext.php` | High
+45 | File | `application/libraries/LanguageTask.php` | High
+46 | ... | ... | ...
 
-There are 512 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -362,4 +349,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bunitu/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...
 
-There are 11 more country items available. Please use our online service to access the data.
+There are 12 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -42,7 +42,8 @@ ID | Technique | Weakness | Description | Confidence
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-6 | ... | ... | ... | ...
+6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
+7 | ... | ... | ... | ...
 
 There are 22 more TTP items available. Please use our online service to access the data.
 
@@ -79,17 +80,18 @@ ID | Type | Indicator | Confidence
 25 | File | `admin-ajax.php` | High
 26 | File | `admin.php` | Medium
 27 | File | `admin/ad_list.php` | High
-28 | File | `admin/status/realtime/bandwidth_status` | High
-29 | File | `agent.c` | Low
-30 | File | `ajax_crons.php` | High
-31 | File | `ansi.c` | Low
-32 | File | `api.php/List/index` | High
-33 | File | `API/api/Version` | High
-34 | File | `application/controllers/LSBaseController.php` | High
-35 | File | `arq_updater` | Medium
-36 | ... | ... | ...
+28 | File | `admin/panels/uploader/admin.uploader.php` | High
+29 | File | `admin/status/realtime/bandwidth_status` | High
+30 | File | `agent.c` | Low
+31 | File | `ajax_crons.php` | High
+32 | File | `ansi.c` | Low
+33 | File | `api.php/List/index` | High
+34 | File | `API/api/Version` | High
+35 | File | `application/controllers/LSBaseController.php` | High
+36 | File | `arq_updater` | Medium
+37 | ... | ... | ...
 
-There are 307 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 314 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -107,4 +109,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Burundi Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [FR](https://vuldb.com/?country.fr)
 * ...
 
-There are 13 more country items available. Please use our online service to access the data.
+There are 14 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -84,7 +84,7 @@ ID | Type | Indicator | Confidence
 32 | File | `api.php` | Low
 33 | ... | ... | ...
 
-There are 281 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -101,4 +101,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Butterfly/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [DE](https://vuldb.com/?country.de)
 * ...
 
-There are 9 more country items available. Please use our online service to access the data.
+There are 12 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -51,22 +51,24 @@ ID | Type | Indicator | Confidence
 1 | File | `/admin/broadcast.php` | High
 2 | File | `/admin/sysmon.php` | High
 3 | File | `/cgi-bin/webviewer_login_page` | High
-4 | File | `/forum/away.php` | High
-5 | File | `/getcfg.php` | Medium
-6 | File | `/proc/ioports` | High
-7 | File | `/services/details.asp` | High
-8 | File | `/tmp` | Low
-9 | File | `/uncpath/` | Medium
-10 | File | `/Upload.ashx` | Medium
-11 | File | `/var/tmp/sess_*` | High
-12 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
-13 | File | `activateuser.aspx` | High
-14 | File | `adclick.php` | Medium
-15 | File | `admin/killsource` | High
-16 | File | `admin/orion.extfeedbackform_efbf_forms.php` | High
-17 | ... | ... | ...
+4 | File | `/ecrire` | Low
+5 | File | `/forum/away.php` | High
+6 | File | `/getcfg.php` | Medium
+7 | File | `/proc/ioports` | High
+8 | File | `/services/details.asp` | High
+9 | File | `/tmp` | Low
+10 | File | `/uncpath/` | Medium
+11 | File | `/Upload.ashx` | Medium
+12 | File | `/var/tmp/sess_*` | High
+13 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
+14 | File | `activateuser.aspx` | High
+15 | File | `adclick.php` | Medium
+16 | File | `admin/killsource` | High
+17 | File | `admin/orion.extfeedbackform_efbf_forms.php` | High
+18 | File | `auth-gss2.c` | Medium
+19 | ... | ... | ...
 
-There are 140 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 153 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -83,4 +85,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Bypassuac/README.md

@@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/CCleaner Malware/README.md

@@ -55,4 +55,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cabo Verde Unknown/README.md

@@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 
 * [US](https://vuldb.com/?country.us)
 * [ES](https://vuldb.com/?country.es)
-* [FR](https://vuldb.com/?country.fr)
+* [PT](https://vuldb.com/?country.pt)
 * ...
 
-There are 15 more country items available. Please use our online service to access the data.
+There are 16 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -87,7 +87,7 @@ ID | Type | Indicator | Confidence
 36 | File | `album_portal.php` | High
 37 | ... | ... | ...
 
-There are 316 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -104,4 +104,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Caligula/README.md

@@ -51,4 +51,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cameroon Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...
 
-There are 14 more country items available. Please use our online service to access the data.
+There are 16 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -89,9 +89,10 @@ ID | Type | Indicator | Confidence
 30 | File | `ajax/render/widget_php` | High
 31 | File | `album_portal.php` | High
 32 | File | `AoWinAgt` | Medium
-33 | ... | ... | ...
+33 | File | `api.php` | Low
+34 | ... | ... | ...
 
-There are 284 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 288 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -108,4 +109,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Candiru/README.md

@@ -91,8 +91,7 @@ ID | Type | Indicator | Confidence
 30 | File | `/librarian/lab.php` | High
 31 | File | `/login` | Low
 32 | File | `/mngset/authset` | High
-33 | File | `/nova/bin/sniffer` | High
-34 | ... | ... | ...
+33 | ... | ... | ...
 
 There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 

actors/Central African Republic Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...
 
-There are 12 more country items available. Please use our online service to access the data.
+There are 14 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -82,7 +82,7 @@ ID | Type | Indicator | Confidence
 32 | File | `application/home/controller/debug.php` | High
 33 | ... | ... | ...
 
-There are 278 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 283 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -99,4 +99,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cerber/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [CN](https://vuldb.com/?country.cn)
 * ...
 
-There are 10 more country items available. Please use our online service to access the data.
+There are 5 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -108,15 +108,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
-7 | ... | ... | ... | ...
+6 | ... | ... | ... | ...
 
-There are 22 more TTP items available. Please use our online service to access the data.
+There are 19 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -124,42 +123,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/action/wirelessConnect` | High
-2 | File | `/adfs/ls` | Medium
-3 | File | `/admin/users_add.php` | High
+1 | File | `/+CSCOE+/logon.html` | High
+2 | File | `/action/wirelessConnect` | High
+3 | File | `/admin/upload/upload` | High
 4 | File | `/admin/videoalbum/list` | High
-5 | File | `/administration/settings_registration.php` | High
-6 | File | `/appConfig/userDB.json` | High
-7 | File | `/authUserAction!edit.action` | High
-8 | File | `/bd_genie_create_account.cgi` | High
-9 | File | `/c/macho_reader.c` | High
-10 | File | `/cgi-bin/luci/api/auth` | High
-11 | File | `/cgi-bin/luci/api/diagnose` | High
-12 | File | `/claire_blake` | High
-13 | File | `/cloud_config/router_post/check_reg_verify_code` | High
-14 | File | `/conf/` | Low
-15 | File | `/dashboard/contact` | High
-16 | File | `/debug/pprof` | Medium
-17 | File | `/defaultui/player/modern.html` | High
-18 | File | `/dev/bus` | Medium
-19 | File | `/etc/config/image_sign` | High
-20 | File | `/etc/groups` | Medium
-21 | File | `/etc/init0.d/S80telnetd.sh` | High
-22 | File | `/etc/shadow.sample` | High
-23 | File | `/files/$username/Myfolder/Mysubfolder/shared.txt` | High
-24 | File | `/foms/place-order.php` | High
-25 | File | `/forum/away.php` | High
-26 | File | `/ghost/preview` | High
-27 | File | `/goform/L7Im` | Medium
-28 | File | `/goform/SetIpMacBind` | High
-29 | File | `/goform/setMacFilterCfg` | High
-30 | File | `/htdocs/utils/Files.php` | High
-31 | File | `/jerry-core/ecma/operations/ecma-objects.c` | High
-32 | File | `/jfinal_cms/system/role/list` | High
-33 | File | `/leave_system/classes/Master.php?f=delete_department` | High
-34 | ... | ... | ...
+5 | File | `/c/macho_reader.c` | High
+6 | File | `/cgi-bin/DownloadFlash` | High
+7 | File | `/cgi-bin/wlogin.cgi` | High
+8 | File | `/cloud_config/router_post/check_reg_verify_code` | High
+9 | File | `/conf/` | Low
+10 | File | `/config/getuser` | High
+11 | File | `/dashboard/contact` | High
+12 | File | `/debug/pprof` | Medium
+13 | File | `/dev/bus` | Medium
+14 | File | `/example/editor` | High
+15 | File | `/files/$username/Myfolder/Mysubfolder/shared.txt` | High
+16 | File | `/goform/setMacFilterCfg` | High
+17 | File | `/HNAP1` | Low
+18 | File | `/index` | Low
+19 | File | `/iu-application/controllers/administration/auth.php` | High
+20 | File | `/jerry-core/ecma/operations/ecma-objects.c` | High
+21 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
+22 | File | `/leave_system/classes/Master.php?f=delete_department` | High
+23 | File | `/module/module_frame/index.php` | High
+24 | File | `/music/ajax.php` | High
+25 | File | `/northstar/Admin/changePassword.jsp` | High
+26 | File | `/obs/book.php` | High
+27 | File | `/orms/` | Low
+28 | File | `/ossn/administrator/com_installer` | High
+29 | File | `/pms/update_user.php?user_id=1` | High
+30 | File | `/rest/api/1.0/render` | High
+31 | File | `/sre/params.php` | High
+32 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
+33 | File | `/tmp` | Low
+34 | File | `/tmp/xbindkeysrc-tmp` | High
+35 | File | `/user/upload/upload` | High
+36 | File | `/Users` | Low
+37 | File | `/var/spool/hylafax` | High
+38 | File | `/vendor` | Low
+39 | File | `/whbs/?page=my_bookings` | High
+40 | File | `access_rules/rules_form` | High
+41 | File | `accountrecoveryendpoint/recoverpassword.do` | High
+42 | File | `action/addproject.php` | High
+43 | ... | ... | ...
 
-There are 290 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 368 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -214,4 +222,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cerberus/README.md

@@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/CetaRAT/README.md

@@ -37,7 +37,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 14 more TTP items available. Please use our online service to access the data.
+There are 15 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -48,30 +48,30 @@ ID | Type | Indicator | Confidence
 1 | File | `.travis.yml` | Medium
 2 | File | `/.env` | Low
 3 | File | `/admin.php` | Medium
-4 | File | `/core/conditions/AbstractWrapper.java` | High
-5 | File | `/export` | Low
-6 | File | `/file?action=download&file` | High
-7 | File | `/medical/inventories.php` | High
-8 | File | `/monitoring` | Medium
-9 | File | `/plugin/LiveChat/getChat.json.php` | High
-10 | File | `/plugins/servlet/audit/resource` | High
-11 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
-12 | File | `/replication` | Medium
-13 | File | `/RestAPI` | Medium
-14 | File | `/tmp/speedtest_urls.xml` | High
-15 | File | `/tmp/zarafa-vacation-*` | High
-16 | File | `/uncpath/` | Medium
-17 | File | `/upload` | Low
-18 | File | `/var/log/nginx` | High
-19 | File | `/var/run/watchman.pid` | High
-20 | File | `/viewer/krpano.html` | High
-21 | File | `/wp-json/oembed/1.0/embed?url` | High
-22 | File | `adclick.php` | Medium
-23 | File | `admin-ajax.php?action=get_wdtable order[0][dir]` | High
-24 | File | `AdxDSrv.exe` | Medium
+4 | File | `/admin/subnets/ripe-query.php` | High
+5 | File | `/core/conditions/AbstractWrapper.java` | High
+6 | File | `/debug/pprof` | Medium
+7 | File | `/export` | Low
+8 | File | `/file?action=download&file` | High
+9 | File | `/hardware` | Medium
+10 | File | `/medical/inventories.php` | High
+11 | File | `/monitoring` | Medium
+12 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+13 | File | `/plugin/LiveChat/getChat.json.php` | High
+14 | File | `/plugins/servlet/audit/resource` | High
+15 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
+16 | File | `/replication` | Medium
+17 | File | `/RestAPI` | Medium
+18 | File | `/tmp/speedtest_urls.xml` | High
+19 | File | `/tmp/zarafa-vacation-*` | High
+20 | File | `/uncpath/` | Medium
+21 | File | `/upload` | Low
+22 | File | `/user/loader.php?api=1` | High
+23 | File | `/var/log/nginx` | High
+24 | File | `/var/run/watchman.pid` | High
 25 | ... | ... | ...
 
-There are 209 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 206 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -88,4 +88,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chalubo/README.md

@@ -29,7 +29,10 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1059.007 | CWE-79 | Cross Site Scripting | High
 2 | T1068 | CWE-284 | Execution with Unnecessary Privileges | High
-3 | T1600 | CWE-310 | Cryptographic Issues | High
+3 | T1202 | CWE-78 | Command Injection | High
+4 | ... | ... | ... | ...
+
+There are 1 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -54,4 +57,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chaos/README.md

@@ -41,11 +41,11 @@ ID | Technique | Weakness | Description | Confidence
 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+4 | T1059 | CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...
 
-There are 22 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -57,42 +57,38 @@ ID | Type | Indicator | Confidence
 2 | File | `/admin.php/singer/admin/lists/zhuan` | High
 3 | File | `/admin.php/User/level_sort` | High
 4 | File | `/authUserAction!edit.action` | High
-5 | File | `/blog/edit` | Medium
-6 | File | `/bmis/pages/resident/resident.php` | High
-7 | File | `/cgi-bin-sdb/` | High
-8 | File | `/cgi-bin/activate.cgi` | High
-9 | File | `/cgi-bin/luci/api/auth` | High
+5 | File | `/baseOpLog.do` | High
+6 | File | `/blog/edit` | Medium
+7 | File | `/bmis/pages/resident/resident.php` | High
+8 | File | `/cgi-bin/luci/api/auth` | High
+9 | File | `/cgi-bin/luci/api/wireless` | High
 10 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
 11 | File | `/cgi-bin/uploadWeiXinPic` | High
 12 | File | `/claire_blake` | High
 13 | File | `/core/admin/categories.php` | High
-14 | File | `/debug/pprof` | Medium
-15 | File | `/dms/admin/reports/daily_collection_report.php` | High
-16 | File | `/etc/config/cameo` | High
-17 | File | `/export` | Low
-18 | File | `/files.md5` | Medium
-19 | File | `/food/admin/all_users.php` | High
-20 | File | `/forum/away.php` | High
-21 | File | `/images/` | Medium
-22 | File | `/isms/classes/Users.php` | High
-23 | File | `/login` | Low
-24 | File | `/MagickCore/quantize.c` | High
-25 | File | `/mc` | Low
-26 | File | `/mkshop/Men/profile.php` | High
-27 | File | `/modules/profile/index.php` | High
-28 | File | `/multiux/SaveMailbox` | High
-29 | File | `/ofrs/admin/?page=teams/view_team` | High
-30 | File | `/one_church/userregister.php` | High
-31 | File | `/out.php` | Medium
-32 | File | `/panel/configuration/general` | High
+14 | File | `/dashboard/contact` | High
+15 | File | `/debug/pprof` | Medium
+16 | File | `/dms/admin/reports/daily_collection_report.php` | High
+17 | File | `/etc/config/cameo` | High
+18 | File | `/export` | Low
+19 | File | `/files.md5` | Medium
+20 | File | `/food/admin/all_users.php` | High
+21 | File | `/forum/away.php` | High
+22 | File | `/hrm/employeeview.php` | High
+23 | File | `/images/` | Medium
+24 | File | `/isms/classes/Users.php` | High
+25 | File | `/login` | Low
+26 | File | `/MagickCore/quantize.c` | High
+27 | File | `/mc` | Low
+28 | File | `/mkshop/Men/profile.php` | High
+29 | File | `/modules/profile/index.php` | High
+30 | File | `/ofrs/admin/?page=teams/view_team` | High
+31 | File | `/one_church/userregister.php` | High
+32 | File | `/out.php` | Medium
 33 | File | `/public/plugins/` | High
-34 | File | `/SAP_Information_System/controllers/add_admin.php` | High
-35 | File | `/SASWebReportStudio/logonAndRender.do` | High
-36 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
-37 | File | `/secure/admin/ViewInstrumentation.jspa` | High
-38 | ... | ... | ...
+34 | ... | ... | ...
 
-There are 327 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 287 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -109,4 +105,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chile Unknown/README.md

@@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Chile Unknown:
 
 * [US](https://vuldb.com/?country.us)
-* [CN](https://vuldb.com/?country.cn)
 * [ES](https://vuldb.com/?country.es)
+* [CN](https://vuldb.com/?country.cn)
 * ...
 
-There are 17 more country items available. Please use our online service to access the data.
+There are 29 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -214,13 +214,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
-3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 16 more TTP items available. Please use our online service to access the data.
+There are 18 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -228,64 +228,71 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.php.gif` | Medium
-2 | File | `/?admin/user.html` | High
-3 | File | `/Admin/add-student.php` | High
-4 | File | `/admin/addemployee.php` | High
-5 | File | `/admin/conferences/list/` | High
+1 | File | `.github/workflows/combine-prs.yml` | High
+2 | File | `.php.gif` | Medium
+3 | File | `/?admin/user.html` | High
+4 | File | `/Admin/add-student.php` | High
+5 | File | `/admin/api/admin/articles/` | High
 6 | File | `/Admin/login.php` | High
-7 | File | `/admin/showbad.php` | High
-8 | File | `/admin/submit-articles` | High
-9 | File | `/apilog.php` | Medium
+7 | File | `/admin/submit-articles` | High
+8 | File | `/apilog.php` | Medium
+9 | File | `/cgi-bin/webadminget.cgi` | High
 10 | File | `/cgi-bin/wlogin.cgi` | High
 11 | File | `/connectors/index.php` | High
-12 | File | `/employeeview.php` | High
-13 | File | `/etc/sudoers` | Medium
-14 | File | `/forum/away.php` | High
-15 | File | `/index.php` | Medium
-16 | File | `/items/view_item.php` | High
-17 | File | `/manager/index.php` | High
-18 | File | `/medical/inventories.php` | High
-19 | File | `/mkshop/Men/profile.php` | High
-20 | File | `/mobile/downloadfile.aspx` | High
-21 | File | `/modules/profile/index.php` | High
-22 | File | `/modules/projects/vw_files.php` | High
-23 | File | `/modules/public/calendar.php` | High
-24 | File | `/net/nfc/netlink.c` | High
-25 | File | `/newsDia.php` | Medium
-26 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-27 | File | `/out.php` | Medium
-28 | File | `/outgoing.php` | High
-29 | File | `/php_action/editProductImage.php` | High
-30 | File | `/public/launchNewWindow.jsp` | High
-31 | File | `/sacco_shield/manage_user.php` | High
-32 | File | `/spip.php` | Medium
-33 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-34 | File | `/staff/bookdetails.php` | High
-35 | File | `/staff/delete.php` | High
-36 | File | `/uncpath/` | Medium
-37 | File | `/user/update_booking.php` | High
-38 | File | `/var/log/qualys/qualys-cloud-agent-scan.log` | High
-39 | File | `/WEB-INF/web.xml` | High
-40 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-41 | File | `/wordpress/wp-admin/options-general.php` | High
-42 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-43 | File | `AdClass.php` | Medium
-44 | File | `adclick.php` | Medium
-45 | File | `addtocart.asp` | High
-46 | File | `admin.jcomments.php` | High
-47 | File | `admin.php` | Medium
-48 | File | `admin/conf_users_edit.php` | High
-49 | File | `admincp.php` | Medium
-50 | File | `admincp/search.php?do=dosearch` | High
-51 | File | `admin_feature.php` | High
-52 | File | `album_portal.php` | High
-53 | File | `artlinks.dispnew.php` | High
-54 | File | `asyncjobscheduler-manager.log` | High
-55 | File | `auction\auction_common.php` | High
-56 | ... | ... | ...
+12 | File | `/Default/Bd` | Medium
+13 | File | `/dev/block/mmcblk0rpmb` | High
+14 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+15 | File | `/employeeview.php` | High
+16 | File | `/face-recognition-php/facepay-master/camera.php` | High
+17 | File | `/forum/away.php` | High
+18 | File | `/fos/admin/ajax.php?action=login` | High
+19 | File | `/fos/admin/index.php?page=menu` | High
+20 | File | `/hrm/controller/employee.php` | High
+21 | File | `/hrm/employeeadd.php` | High
+22 | File | `/hrm/employeeview.php` | High
+23 | File | `/index.php` | Medium
+24 | File | `/items/view_item.php` | High
+25 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+26 | File | `/lookin/info` | Medium
+27 | File | `/manager/index.php` | High
+28 | File | `/medical/inventories.php` | High
+29 | File | `/modules/profile/index.php` | High
+30 | File | `/modules/projects/vw_files.php` | High
+31 | File | `/modules/public/calendar.php` | High
+32 | File | `/net/nfc/netlink.c` | High
+33 | File | `/newsDia.php` | Medium
+34 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+35 | File | `/out.php` | Medium
+36 | File | `/php_action/editProductImage.php` | High
+37 | File | `/product/savenewproduct.php?flag=1` | High
+38 | File | `/proxy` | Low
+39 | File | `/Redcock-Farm/farm/category.php` | High
+40 | File | `/reports/rwservlet` | High
+41 | File | `/sacco_shield/manage_user.php` | High
+42 | File | `/services/Card/findUser` | High
+43 | File | `/spip.php` | Medium
+44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+45 | File | `/staff/bookdetails.php` | High
+46 | File | `/uncpath/` | Medium
+47 | File | `/user/update_booking.php` | High
+48 | File | `/var/log/qualys/qualys-cloud-agent-scan.log` | High
+49 | File | `/view-property.php` | High
+50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
+51 | File | `/wordpress/wp-admin/options-general.php` | High
+52 | File | `/wp-content/plugins/updraftplus/admin.php` | High
+53 | File | `01article.php` | High
+54 | File | `AbstractScheduleJob.java` | High
+55 | File | `actionphp/download.File.php` | High
+56 | File | `adclick.php` | Medium
+57 | File | `addtocart.asp` | High
+58 | File | `admin.php` | Medium
+59 | File | `admin/admin/adminsave.html` | High
+60 | File | `admin/conf_users_edit.php` | High
+61 | File | `admin/login.php` | High
+62 | File | `admin/panels/entry/admin.entry.list.php` | High
+63 | ... | ... | ...
 
-There are 484 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 549 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -302,4 +309,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chimera/README.md

@@ -31,14 +31,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-28 | Pathname Traversal | High
 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...
 
-There are 22 more TTP items available. Please use our online service to access the data.
+There are 20 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -48,41 +48,40 @@ ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `.FBCIndex` | Medium
 2 | File | `/.ssh/authorized_keys` | High
-3 | File | `/Admin/add-student.php` | High
-4 | File | `/admin/admin.php` | High
-5 | File | `/admin/conferences/list/` | High
-6 | File | `/admin/index.PHP` | High
-7 | File | `/admin/sendmailto.php?tomail=&groupid=` | High
-8 | File | `/admin/update_traveller.php` | High
-9 | File | `/advanced-tools/nova/bin/netwatch` | High
-10 | File | `/bsms_ci/index.php` | High
-11 | File | `/bsms_ci/index.php/user/edit_user/` | High
-12 | File | `/cameras/XXXX/clips` | High
-13 | File | `/carbon/mediation_secure_vault/properties/ajaxprocessor.jsp` | High
-14 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
-15 | File | `/cgi-bin/qcmap_auth` | High
-16 | File | `/cgi-bin/wlogin.cgi` | High
-17 | File | `/CommunitySSORedirect.jsp` | High
-18 | File | `/Content/Template/root/reverse-shell.aspx` | High
-19 | File | `/debug/pprof` | Medium
-20 | File | `/diagnostic/editclient.php` | High
-21 | File | `/editbrand.php` | High
-22 | File | `/etc/sudoers` | Medium
-23 | File | `/filemanager/php/connector.php` | High
-24 | File | `/forum/away.php` | High
-25 | File | `/index.php?module=global_lists/lists` | High
-26 | File | `/leave_system/classes/Master.php?f=delete_application` | High
+3 | File | `/admin/admin.php` | High
+4 | File | `/blogengine/api/posts` | High
+5 | File | `/bsms_ci/index.php` | High
+6 | File | `/bsms_ci/index.php/user/edit_user/` | High
+7 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
+8 | File | `/cgi-bin/api-get_line_status` | High
+9 | File | `/cgi-bin/luci` | High
+10 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
+11 | File | `/cgi-bin/qcmap_auth` | High
+12 | File | `/cgi-bin/upload_vpntar` | High
+13 | File | `/cgi-bin/wlogin.cgi` | High
+14 | File | `/CommunitySSORedirect.jsp` | High
+15 | File | `/Content/Template/root/reverse-shell.aspx` | High
+16 | File | `/diagnostic/editclient.php` | High
+17 | File | `/export` | Low
+18 | File | `/filemanager/php/connector.php` | High
+19 | File | `/forum/away.php` | High
+20 | File | `/h/calendar` | Medium
+21 | File | `/hrm/controller/employee.php` | High
+22 | File | `/index.php?module=global_lists/lists` | High
+23 | File | `/login/index.php` | High
+24 | File | `/mkshope/login.php` | High
+25 | File | `/network_test.php` | High
+26 | File | `/obs/book.php` | High
 27 | File | `/okm:root` | Medium
-28 | File | `/opt/onedev/sites/` | High
-29 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-30 | File | `/out.php` | Medium
-31 | File | `/phpinventory/editcategory.php` | High
+28 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+29 | File | `/out.php` | Medium
+30 | File | `/products/view_product.php` | High
+31 | File | `/public/launchNewWindow.jsp` | High
 32 | File | `/public_html/animals` | High
-33 | File | `/secure/QueryComponent!Default.jspa` | High
-34 | File | `/sqfs/bin/sccd` | High
-35 | ... | ... | ...
+33 | File | `/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf` | High
+34 | ... | ... | ...
 
-There are 299 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -100,4 +99,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Christmas Island Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [FR](https://vuldb.com/?country.fr)
 * ...
 
-There are 12 more country items available. Please use our online service to access the data.
+There are 14 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -78,9 +78,10 @@ ID | Type | Indicator | Confidence
 29 | File | `album_portal.php` | High
 30 | File | `api.php` | Low
 31 | File | `application/home/controller/debug.php` | High
-32 | ... | ... | ...
+32 | File | `articulo.php` | Medium
+33 | ... | ... | ...
 
-There are 275 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 279 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -97,4 +98,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chronos/README.md

@@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Chronos:
 
 * [US](https://vuldb.com/?country.us)
+* [AZ](https://vuldb.com/?country.az)
 * [RU](https://vuldb.com/?country.ru)
-* [TR](https://vuldb.com/?country.tr)
 * ...
 
 There are 1 more country items available. Please use our online service to access the data.
@@ -35,7 +35,8 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1059.007 | CWE-79 | Cross Site Scripting | High
-2 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
+2 | T1068 | CWE-264, CWE-269 | Execution with Unnecessary Privileges | High
+3 | T1592 | CWE-200 | Configuration | High
 
 ## IOA - Indicator of Attack
 
@@ -62,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Chthonic/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [JP](https://vuldb.com/?country.jp)
 * ...
 
-There are 3 more country items available. Please use our online service to access the data.
+There are 4 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -66,7 +66,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...
 
-There are 14 more TTP items available. Please use our online service to access the data.
+There are 15 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -82,28 +82,26 @@ ID | Type | Indicator | Confidence
 6 | File | `/debug/pprof` | Medium
 7 | File | `/export` | Low
 8 | File | `/file?action=download&file` | High
-9 | File | `/medical/inventories.php` | High
-10 | File | `/monitoring` | Medium
-11 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-12 | File | `/plugin/LiveChat/getChat.json.php` | High
-13 | File | `/plugins/servlet/audit/resource` | High
-14 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
-15 | File | `/replication` | Medium
-16 | File | `/RestAPI` | Medium
-17 | File | `/tmp` | Low
+9 | File | `/hardware` | Medium
+10 | File | `/medical/inventories.php` | High
+11 | File | `/monitoring` | Medium
+12 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+13 | File | `/plugin/LiveChat/getChat.json.php` | High
+14 | File | `/plugins/servlet/audit/resource` | High
+15 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
+16 | File | `/replication` | Medium
+17 | File | `/RestAPI` | Medium
 18 | File | `/tmp/speedtest_urls.xml` | High
 19 | File | `/tmp/zarafa-vacation-*` | High
 20 | File | `/uncpath/` | Medium
 21 | File | `/upload` | Low
-22 | File | `/var/log/nginx` | High
-23 | File | `/var/run/watchman.pid` | High
-24 | File | `/viewer/krpano.html` | High
-25 | File | `/wp-json/oembed/1.0/embed?url` | High
-26 | File | `admin-ajax.php?action=get_wdtable order[0][dir]` | High
-27 | File | `AdxDSrv.exe` | Medium
-28 | ... | ... | ...
+22 | File | `/user/loader.php?api=1` | High
+23 | File | `/var/log/nginx` | High
+24 | File | `/var/run/watchman.pid` | High
+25 | File | `/viewer/krpano.html` | High
+26 | ... | ... | ...
 
-There are 232 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -129,4 +127,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cloud Atlas/README.md

@@ -14,8 +14,12 @@ The following _campaigns_ are known and can be associated with Cloud Atlas:
 
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Cloud Atlas:
 
-* [CN](https://vuldb.com/?country.cn)
-* [US](https://vuldb.com/?country.us)
+* [AR](https://vuldb.com/?country.ar)
+* [FR](https://vuldb.com/?country.fr)
+* [PT](https://vuldb.com/?country.pt)
+* ...
+
+There are 6 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -23,8 +27,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [146.70.88.123](https://vuldb.com/?ip.146.70.88.123) | - | Russia and Belarus | High
-2 | [185.227.82.21](https://vuldb.com/?ip.185.227.82.21) | - | Russia and Belarus | High
+1 | [144.217.174.57](https://vuldb.com/?ip.144.217.174.57) | ip57.ip-144-217-174.net | - | High
+2 | [146.70.88.123](https://vuldb.com/?ip.146.70.88.123) | - | Russia and Belarus | High
+3 | [176.31.59.232](https://vuldb.com/?ip.176.31.59.232) | - | - | High
+4 | ... | ... | ... | ...
+
+There are 1 more IOC items available. Please use our online service to access the data.
 
 ## TTP - Tactics, Techniques, Procedures
 
@@ -32,12 +40,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22 | Pathname Traversal | High
-2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-3 | T1068 | CWE-284 | Execution with Unnecessary Privileges | High
-4 | ... | ... | ... | ...
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...
 
-There are 2 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.
 
 ## IOA - Indicator of Attack
 
@@ -45,18 +55,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/inc/parser/xhtml.php` | High
-2 | File | `application/controller/InstallerController.php` | High
-3 | File | `contact.php` | Medium
-4 | ... | ... | ...
+1 | File | `/action/import_xml_file/` | High
+2 | File | `/action/wirelessConnect` | High
+3 | File | `/admin/?page=user/manage_user` | High
+4 | File | `/admin/myaccount` | High
+5 | File | `/admin/pages/sections_save.php` | High
+6 | File | `/admin/settings/fields` | High
+7 | File | `/api/v1/chat.getThreadsList` | High
+8 | File | `/api/v2/cli/commands` | High
+9 | File | `/api/v2/open/rowsInfo` | High
+10 | File | `/api/v3/flows/instances/default-user-settings-flow/execute/` | High
+11 | File | `/asms/admin/?page=user/manage_user` | High
+12 | File | `/blog/comment` | High
+13 | File | `/csms/admin/?page=system_info` | High
+14 | File | `/env` | Low
+15 | File | `/etc/master.passwd` | High
+16 | File | `/etc/os-release` | High
+17 | File | `/front/search.php` | High
+18 | File | `/garage/php_action/createBrand.php` | High
+19 | File | `/goform/addressNat` | High
+20 | File | `/goform/AdvSetWrlsafeset` | High
+21 | File | `/goform/editFileName` | High
+22 | File | `/goform/form2WizardStep54` | High
+23 | File | `/goform/setSysAdm` | High
+24 | File | `/goform/webExcptypemanFilter` | High
+25 | File | `/goform/WifiBasicSet` | High
+26 | File | `/goform/WifiMacFilterGet` | High
+27 | File | `/hss/admin/categories/view_category.php` | High
+28 | File | `/isomedia/meta.c` | High
+29 | File | `/mods/_core/courses/users/create_course.php` | High
+30 | File | `/module/report_event/index.php` | High
+31 | File | `/Redcock-Farm/farm/category.php` | High
+32 | File | `/release-x64/otfccdump+0x6c0a32` | High
+33 | File | `/services/view_service.php` | High
+34 | File | `/shell` | Low
+35 | File | `/sys/user/putRecycleBin` | High
+36 | File | `/tmp` | Low
+37 | ... | ... | ...
 
-There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 316 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
 The following list contains _external sources_ which discuss the actor and the associated activities:
 
 * https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
+* https://securelist.com/recent-cloud-atlas-activity/92016/
 
 ## Literature
 
@@ -67,4 +111,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cloud/README.md

@@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Cobalt Mirage/README.md

@@ -43,4 +43,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Conficker/README.md

@@ -61,7 +61,7 @@ ID | Type | Indicator | Confidence
 12 | File | `admin/adminsignin.html` | High
 13 | ... | ... | ...
 
-There are 97 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 100 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -78,4 +78,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

actors/Congo Republic Unknown/README.md

@@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...
 
-There are 16 more country items available. Please use our online service to access the data.
+There are 17 more country items available. Please use our online service to access the data.
 
 ## IOC - Indicator of Compromise
 
@@ -43,7 +43,8 @@ ID | Technique | Weakness | Description | Confidence
 1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | ... | ... | ... | ...
+4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+5 | ... | ... | ... | ...
 
 There are 14 more TTP items available. Please use our online service to access the data.
 
@@ -82,9 +83,10 @@ ID | Type | Indicator | Confidence
 27 | File | `admin/adminsignin.html` | High
 28 | File | `admin/movieview.php` | High
 29 | File | `admin/notices/perso.inc.php` | High
-30 | ... | ... | ...
+30 | File | `admin/versions.html` | High
+31 | ... | ... | ...
 
-There are 254 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 261 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
 
 ## References
 
@@ -101,4 +103,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
 
 ## License
 
-(c) [1997-2022](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!