CSURFACE CSURFACE THREAT SENSOR
  • Home
  • Analytics
  • News
  • About
  • Tools
    • Constellation
  • Libraries
    • CWE
    • CAPEC
    • MITRE ATT&CK
    • MITRE D3FEND
    • OWASP Top 10
    • Ransomware Groups
    • References
  • Support
  • EN | PT
  1. Home
  2. Ransomware Groups
  3. REVIL

REVIL

RANSOMWARE

Predicted CVEs (2) CORRELATION

How does prediction work?

Predicted CVEs are identified through automated correlation using multiple sources: vendor/product profiles historically targeted by the group (MITRE ATT&CK), attack chain patterns (KEV + TTPs), threat intelligence (MISP, STIX), and AI analysis. These CVEs have not been confirmed as exploited by this specific group, but have a high probability of being targets based on the actor's operational profile.

CVE-2021-42258 CRITICAL BQE BillQuick Web Suite medium 9.8 CVE-2021-42258 CRITICAL BQE BillQuick Web Suite predicted 9.8

ATT&CK Techniques (16)

T1078 Valid Accounts Initial Access T1190 Exploit Public-Facing Application Initial Access T1195 Supply Chain Compromise Initial Access T1059.001 Command and Scripting Interpreter: PowerShell Execution T1218.007 Signed Binary Proxy Execution: Msiexec Execution T1027 Obfuscated Files or Information Defense Evasion T1497 Virtualization/Sandbox Evasion Defense Evasion T1562.001 Disable or Modify Tools Defense Evasion T1003.001 OS Credential Dumping: LSASS Memory Credential Access T1082 System Information Discovery Discovery T1135 Network Share Discovery Discovery T1021.001 Remote Services: Remote Desktop Protocol Lateral Movement T1567.002 Exfiltration Over Web Service: Exfiltration to Cloud Storage Exfiltration T1071.001 Application Layer Protocol: Web Protocols Command and Control T1486 Data Encrypted for Impact Impact T1490 Inhibit System Recovery Impact

Statistics

CVEs
2
TTPs
16
Tools
1

Tools

AdFind

CSURFACE Threat Sensor — A CSURFACE project