INJ3CTOR3
· Published 28/01/2026 23:46 · Modified 28/01/2026 23:46
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 28/01/2026 23:46
- Modified: 28/01/2026 23:46
- Updated at: 28/01/2026 23:46
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 15 attack patterns (MITRE), 1 malware, 2 sectors, 3 countries, 5 indicators, 3 vulnerabilities (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 3 CVEs, 15 MITREs, 1 Malware, 5 Observables, 1 APT · Published 28/01/2026 18:26 · Modified 28/01/2026 22:47
Attack patterns (MITRE) (15)
- T1505.003 Web Shell (uses)
- T1136.001 Local Account (uses)
- T1562.001 Disable or Modify Tools (uses)
- T1021.004 SSH (uses)
- T1222.002 Linux and Mac File and Directory Permissions Modification (uses)
- T1068 Exploitation for Privilege Escalation (uses)
- T1070.004 File Deletion (uses)
- T1036.005 Match Legitimate Resource Name or Location (uses)
- T1496 Resource Hijacking (uses)
- T1053.003 Cron (uses)
- T1059.004 Unix Shell (uses)
- T1071.001 Web Protocols (uses)
- T1003 OS Credential Dumping (uses)
- T1105 Ingress Tool Transfer (uses)
- T1190 Exploit Public-Facing Application (uses)
Malware (1)
- EncystPHP (uses) · Family · Published 28/01/2026 18:26 · Modified 28/01/2026 18:26
Sectors (2)
- Technology (targets)
- Telecommunications (targets)
Countries (3)
- India (targets)
- British Indian Ocean Territory (targets)
- Brazil (targets)
Indicators (5)
Vulnerabilities (CVE) (3)
CVE-2025-64328 (KEV) · 8.6 High
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore …
- Attack vector: Network
- Complexity: Low
- Published: 07/11/2025
- Modified: 18/06/2026
CVE-2019-19006 (KEV) · 9.8 Critical
Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services provided by the …
- Attack vector: NETWORK
- Complexity: Low
- Published: 21/11/2019
- Modified: 18/06/2026
9.8 Critical
FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as …
- Attack vector: NETWORK
- Published: 22/12/2021
- Modified: 28/01/2026