Another ransomware payment recovered by the Justice Department
The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to...
Year: 2022
8220 Gang Cloud Botnet infected 30,000 host globally
The crimeware group known as 8220 Gang expanded over the last month their Cloud Botnet to roughly 30,000 hosts globally. ...
Oracle ZFS Storage Appliance Kit unspecified | CVE-2022-21513
NAME Oracle ZFS Storage Appliance Kit unspecified Platforms Affected:Oracle Sun ZFS Storage Appliance Kit 8.8Risk Level:8.2Exploitability:UnprovenConsequences:Other DESCRIPTION An unspecified vulnerability...
Node.js sushiswap-analytics module code execution |
NAME Node.js sushiswap-analytics module code execution Platforms Affected:Node.js sushiswap-analyticsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sushiswap-analytics module could allow a remote attacker...
Node.js pancakeswap-v2-subgraph module code execution |
NAME Node.js pancakeswap-v2-subgraph module code execution Platforms Affected:Node.js pancakeswap-v2-subgraphRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js pancakeswap-v2-subgraph module could allow a remote attacker...
Node.js nodebb-theme-opera module code execution |
NAME Node.js nodebb-theme-opera module code execution Platforms Affected:Node.js nodebb-theme-operaRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js nodebb-theme-opera module could allow a remote attacker...
Oracle Database Server unspecified | CVE-2022-21510
NAME Oracle Database Server unspecified Platforms Affected:Oracle Database ServerRisk Level:8.8Exploitability:UnprovenConsequences:Other DESCRIPTION An unspecified vulnerability in Oracle Database Server related to...
Sourcecodester Garage Management System SQL injection | CVE-2022-2467
NAME Sourcecodester Garage Management System SQL injection Platforms Affected:Sourcecodester Garage Management System 1.0Risk Level:7.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sourcecodester Garage Management System...
Oracle PeopleSoft Enterprise PeopleTools unspecified | CVE-2022-21543
NAME Oracle PeopleSoft Enterprise PeopleTools unspecified Platforms Affected:Oracle PeopleSoft Enterprise PeopleTools 8.58 Oracle PeopleSoft Enterprise PeopleTools 8.59Risk Level:9.8Exploitability:UnprovenConsequences:Other DESCRIPTION An...
Node.js anyswap-rewards module code execution |
NAME Node.js anyswap-rewards module code execution Platforms Affected:Node.js anyswap-rewardsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js anyswap-rewards module could allow a remote attacker...
Node.js eslint-config-cap-it-ui module code execution |
NAME Node.js eslint-config-cap-it-ui module code execution Platforms Affected:Node.js eslint-config-cap-it-uiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js eslint-config-cap-it-ui module could allow a remote attacker...
Node.js monash-college-combo-box module code execution |
NAME Node.js monash-college-combo-box module code execution Platforms Affected:Node.js monash-college-combo-boxRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js monash-college-combo-box module could allow a remote attacker...
Cisco Nexus Dashboard cross-site request forgery | CVE-2022-20861
NAME Cisco Nexus Dashboard cross-site request forgery Platforms Affected:Cisco Nexus Dashboard 1.1 Cisco Nexus Dashboard 2.0 Cisco Nexus Dashboard 2.1...
Grails code execution | CVE-2022-35912
NAME Grails code execution Platforms Affected:Grails Grails 3.3.14 Grails Grails 4.1.0 Grails Grails 5.2.0 Grails Grails 5.1.8Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Oracle Communications Billing and Revenue Management unspecified | CVE-2022-21429
NAME Oracle Communications Billing and Revenue Management unspecified Platforms Affected:Oracle Communications Billing and Revenue Management 12.0.0.4 Oracle Communications Billing and...
Node.js anytoken-locked module code execution |
NAME Node.js anytoken-locked module code execution Platforms Affected:Node.js anytoken-lockedRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js anytoken-locked module could allow a remote attacker...
Daily Vulnerability Trends: Thu Jul 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-30065A use-after-free in Busybox 1.35-x's awk applet leads to denial of service...
Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Introduction In our crimeware reporting service, we analyze the latest crime-related trends we come across. If we look back at...
Cobalt Stike Beacon Detected – 175[.]178[.]170[.]184:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 134[.]122[.]61[.]207:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 178[.]128[.]98[.]154:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and...
Improving Software Supply Chain Cybersecurity
Explore use cases for software supply chain cyberattacks and mitigation strategies to improve security maturity and reduce cyber risk. If...
New Luna ransomware targets Windows, Linux and ESXi systems
Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers...
