Month: January 2022

CVE prog

CVE-2021-45525

January 7, 2022

Summary: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400...

CVE prog

CVE-2021-45526

January 7, 2022

Summary: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120...

CVE prog

CVE-2020-20948

January 7, 2022

Summary: An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files via modification of the "localPath"...

CVE prog

CVE-2020-20945

January 7, 2022

Summary: A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft v7 allows attackers to arbitrarily add administrator accounts. Reference Links(if...

CVE prog

CVE-2017-2488

January 7, 2022

Summary: A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure...

cuba

Cuba Ransomware Victim: Sonomatic

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

cuba

Cuba Ransomware Victim: Ncmutuallife

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

cuba

Cuba Ransomware Victim: Atlasdie

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

cuba

Cuba Ransomware Victim: Squamish

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

cuba

Cuba Ransomware Victim: Bakertilly

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

cuba

Cuba Ransomware Victim: Lahebert

January 7, 2022

Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...

osint

Mortar – Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)

January 7, 2022

red teaming evasion technique to defeat and divert detection and prevention of security products.Mortar Loader performs encryption and decryption of...

lockbit_logo

LockBit 2.0 Ransomware Victim: chervongroup[.]com

January 7, 2022

LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...

osint

Norton Crypto, the controversial cryptomining feature of Norton 360

January 7, 2022

Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. Many users...

Cobalt Strike

Cobalt Stike Beacon Detected – 121[.]4[.]63[.]248:80

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 158[.]247[.]210[.]78:443

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

cyber security 1805632 1280

CVE-2019-7609 – Elastic / Kibana – Code injection

January 7, 2022

Summary: CVE-2019-7609 is a code injection vulnerability impacting Elastic Kibana versions before 5.6.15 and 6.6.1. An exploit was observed in...

cyber security 1805632 1280

CVE-2019-12815 – ProFTPD / ProFTPD – Improper access control

January 7, 2022

Summary: CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof...

osint

Over 3.7 million accounts were compromised in the FlexBooker data breach

January 7, 2022

The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker...

1f62b

Night Sky, a new ransomware operation in the threat landscape

January 7, 2022

Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers...

Cobalt Strike

Cobalt Stike Beacon Detected – 149[.]248[.]1[.]135:443

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 114[.]116[.]40[.]60:80

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 52[.]89[.]19[.]48:443

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 101[.]35[.]126[.]16:443

January 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CISA

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 24, 2024

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 24, 2024

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 24, 2024