Month: April 2022

Combodo iTop cross-site scripting | CVE-2022-24870

April 25, 2022

NAME Combodo iTop cross-site scripting Platforms Affected:Combodo iTop 3.0.0-beta Combodo iTop 3.0.0-beta2Risk Level:8.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Combodo iTop is vulnerable to...

ASUS RT-AX88U code execution | CVE-2022-26674

April 25, 2022

NAME ASUS RT-AX88U code execution Platforms Affected:ASUS RT-AX88U 3.0.0.4.386.4606Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ASUS RT-AX88U could allow a remote attacker to...

Combodo iTop cross-site scripting | CVE-2021-41161

April 25, 2022

NAME Combodo iTop cross-site scripting Platforms Affected:Combodo iTop 3.0.0-beta Combodo iTop 3.0.0-beta2 Combodo iTop 3.0.0-beta3 Combodo iTop 3.0.0-beta4 Combodo iTop...

Combodo iTop cross-site scripting | CVE-2021-41162

April 25, 2022

NAME Combodo iTop cross-site scripting Platforms Affected:Combodo iTop 3.0.0-beta Combodo iTop 3.0.0-beta2 Combodo iTop 3.0.0-beta3 Combodo iTop 3.0.0-beta4 Combodo iTop...

BlackCat Ransomware gang breached over 60 orgs worldwide

April 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI....

Experts warn of a surge in zero-day flaws observed and exploited in 2021

April 25, 2022

The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google...

CISA

CISA: Google Releases Security Updates for Chrome

April 25, 2022

Google Releases Security Updates for Chrome Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses...

CISA

CISA: CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

April 25, 2022

CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment CISA has released draft versions of two guidance...

CISA

CISA: Cisco Releases Security Updates for Multiple Products

April 25, 2022

Cisco Releases Security Updates for Multiple Products Cisco has released security updates to address vulnerabilities in multiple Cisco products. An...

CISA

CISA: VMware Releases Security Updates for Cloud Director

April 25, 2022

VMware Releases Security Updates for Cloud Director VMware has released security updates to address a remote code execution vulnerability in...

CISA

CISA: Drupal Releases Security Updates

April 25, 2022

Drupal Releases Security Updates Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could...

CISA

CISA: Oracle Releases April 2022 Critical Patch Update

April 25, 2022

Oracle Releases April 2022 Critical Patch Update Oracle has released its Critical Patch Update for April 2022 to address 520...

CISA

CISA: North Korean State-Sponsored APT Targets Blockchain Companies

April 25, 2022

North Korean State-Sponsored APT Targets Blockchain Companies CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have...

CISA

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

April 25, 2022

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

April 25, 2022

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure The cybersecurity authorities of the United States, Australia, Canada, New Zealand,...

CISA

CISA: FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

April 25, 2022

FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of...

LockBit 2.0 Ransomware Victim: kdaponte[.]com

April 25, 2022

LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...

Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities

April 24, 2022

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities Features Support for lists of...

Month: April 2022

Combodo iTop cross-site scripting | CVE-2022-24870

ASUS RT-AX88U code execution | CVE-2022-26674

Combodo iTop cross-site scripting | CVE-2021-41161

Combodo iTop cross-site scripting | CVE-2021-41162

BlackCat Ransomware gang breached over 60 orgs worldwide

Experts warn of a surge in zero-day flaws observed and exploited in 2021

CISA: Google Releases Security Updates for Chrome

CISA: CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

CISA: Cisco Releases Security Updates for Multiple Products

CISA: VMware Releases Security Updates for Cloud Director

CISA: Drupal Releases Security Updates

CISA: Oracle Releases April 2022 Critical Patch Update

CISA: North Korean State-Sponsored APT Targets Blockchain Companies

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

CISA: FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

LockBit 2.0 Ransomware Victim: kdaponte[.]com

Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities

Atlassian addresses a critical Jira authentication bypass flaw

Malwarescanner – Simple Malware Scanner Written In Python

Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data

Cobalt Stike Beacon Detected – 124[.]221[.]231[.]229:8081

Cobalt Stike Beacon Detected – 124[.]222[.]248[.]86:22222

Cobalt Stike Beacon Detected – 175[.]24[.]235[.]92:9999

[RANSOMHUB] – Ransomware Victim: blr[.]com

HackerOne Bug Bounty Disclosure: std-process-command-batch-files-argument-escaping-could-be-bypassed-with-trailing-whitespace-or-periods–xpl-r-r

[LOCKBIT3] – Ransomware Victim: madison-home[.]com

[CHORT] – Ransomware Victim: sheboyganwi[.]gov

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

You may have missed