US-CERT Vulnerability Summary for the Week of March 20, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Month: March 2023
Daily Threat Intelligence – March 31 – 2023
Email inboxes of NATO, diplomats, and government and military officials are being targeted by an APT group whose operations appear...
Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as...
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response
Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize...
3CX Supply Chain Attack — Here’s What We Know So Far
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are...
LockBit 3.0 Ransomware Victim: okcu[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: groupe-seche[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: statravel[.]de
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hacla[.]org [part 2]
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: theus-industries[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
lambdaisland/uri security bypass | CVE-2023-28628
NAME__________lambdaisland/uri security bypassPlatforms Affected:lambdaisland/uri lambdaisland/uri 1.13.95Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________lambdaisland/uri could allow a remote attacker to bypass security restrictions, caused by...
WordPress Ping Optimizer Plugin for WordPress cross-site request forgery | CVE-2022-30705
NAME__________WordPress Ping Optimizer Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WordPress Ping Optimizer Plugin for WordPress 2.35.1.2.3Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WordPress...
IEEE 802.11 spoofing | CVE-2022-47522
NAME__________IEEE 802.11 spoofingPlatforms Affected:IEEE 802.11Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IEEE 802.11 could allow a remote attacker to conduct spoofing attacks, caused by...
Apple macOS Ventura, iOS and iPadOS information disclosure | CVE-2023-23527
NAME__________Apple macOS Ventura, iOS and iPadOS information disclosurePlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information...
Apple macOS Ventura, iOS and iPadOS security bypass | CVE-2023-23532
NAME__________Apple macOS Ventura, iOS and iPadOS security bypassPlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:7.7Exploitability:UnprovenConsequences:Bypass Security...
RouterOS denial of service | CVE-2023-24094
NAME__________RouterOS denial of servicePlatforms Affected:Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________RouterOS is vulnerable to a denial of service, caused by...
Apple macOS Ventura, iOS and iPadOS security bypass | CVE-2023-27932
NAME__________Apple macOS Ventura, iOS and iPadOS security bypassPlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security...
Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie Networks RG-EW3200GX PRO command execution | CVE-2023-27796
NAME__________Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie Networks RG-EW3200GX PRO command executionPlatforms Affected:Risk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access...
Hitachi SDM600 privilege escalation | CVE-2022-3685
NAME__________Hitachi SDM600 privilege escalationPlatforms Affected:Hitachi Energy SDM600Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Hitachi SDM600 could allow a local authenticated attacker to gain elevated...
JetBrains TeamCity cross-site scripting | CVE-2022-48427
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Hitachi SDM600 security bypass | CVE-2022-3686
NAME__________Hitachi SDM600 security bypassPlatforms Affected:Hitachi Energy SDM600Risk Level:4.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Hitachi SDM600 could allow a remote attacker to bypass security restrictions,...
F5 NGINX Ingress Controller information disclosure | CVE-2023-1550
NAME__________F5 NGINX Ingress Controller information disclosurePlatforms Affected:F5 NGINX Agent 2.23.2Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________F5 NGINX Ingress Controller could allow a remote...
JetBrains TeamCity cross-site scripting | CVE-2022-48426
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
