Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe
A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware...
Month: March 2023
President Biden Signs Executive Order Restricting Use of Commercial Spyware
U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government...
LockBit 3.0 Ransomware Victim: islandinsurance[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: piramal[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: grupcovesa[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: lqtbg[.]com[.]cn
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: swiftatlanta[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Tailscale command execution | CVE-2023-28436
NAME__________Tailscale command executionPlatforms Affected:Tailscale Tailscale 1.34.0 Tailscale Tailscale 1.38.1Risk Level:5.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tailscale could allow a remote authenticated attacker to execute...
crewjam/saml go library denial of service | CVE-2023-28119
NAME__________crewjam/saml go library denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________crewjam/saml go library is vulnerable to a denial of service,...
Cisco ASA, FTD, IOS and IOS XE Software denial of service | CVE-2023-20081
NAME__________Cisco ASA, FTD, IOS and IOS XE Software denial of servicePlatforms Affected:Cisco Adaptive Security Appliance Software Cisco IOS Software Cisco...
Invernyx smartCARS information disclosure | CVE-2023-28441
NAME__________Invernyx smartCARS information disclosurePlatforms Affected:Invernyx smartCARS 0.5.8Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Invernyx smartCARS could allow a local attacker to obtain sensitive information,...
Open RDW kenteken voertuiginformatie Plugin for WordPress cross-site scripting | CVE-2022-47431
NAME__________Open RDW kenteken voertuiginformatie Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Open RDW kenteken voertuiginformatie plugin for WordPress 2.0.14Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting...
MagePeople Team Event Manager and Tickets Selling Plugin for WordPress cross-site scripting | CVE-2023-28422
NAME__________MagePeople Team Event Manager and Tickets Selling Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress MagePeople Team Event Manager and Tickets Selling...
Smart Slider 3 Plugin for WordPress cross-site scripting | CVE-2022-45843
NAME__________Smart Slider 3 Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Smart Slider 3 Plugin for WordPress 3.5.7Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Smart Slider...
Embed Any Document Plugin for WordPress cross-site scripting | CVE-2023-23707
NAME__________Embed Any Document Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Embed Any Document Plugin for WordPress 2.7.1Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Embed Any...
CM Answers Plugin for WordPress cross-site scripting | CVE-2023-25992
NAME__________CM Answers Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress CM Answers Plugin Plugin for WordPress 3.1.9Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CM Answers Plugin...
Klaviyo Plugin for WordPress cross-site scripting | CVE-2023-25456
NAME__________Klaviyo Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Klaviyo Plugin for WordPress 3.0.7Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Klaviyo Plugin for WordPress is vulnerable...
CTT Expresso para WooCommerce Plugin for WordPress cross-site scripting | CVE-2023-47589
NAME__________CTT Expresso para WooCommerce Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress CTT Expresso para WooCommerce Plugin for WordPress 3.2.11Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting...
Code Snippets Extension Plugin for WordPress cross-site scripting | CVE-2023-23650
NAME__________Code Snippets Extension Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Code Snippets Extension Plugin for WordPress 4.0.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Code Snippets...
IS Decisions UserLock MFA security bypass | CVE-2023-23192
NAME__________IS Decisions UserLock MFA security bypassPlatforms Affected:IS Decisions UserLock MFA 11.01Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________IS Decisions UserLock MFA could allow a...
Community Events Plugin for WordPress cross-site scripting | CVE-2022-44742
NAME__________Community Events Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Community Events Plugin for WordPress 1.4.8Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Community Events Plugin for...
Very Simple Google Maps Plugin for WordPress cross-site scripting | CVE-2023-23864
NAME__________Very Simple Google Maps Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Very Simple Google Maps Plugin for WordPress 2.8.4Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...
Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms Plugin for WordPress cross-site scripting | CVE-2022-47173
NAME__________Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Connect Contact Form...
DataEase SQL injection | CVE-2023-28437
NAME__________DataEase SQL injectionPlatforms Affected:DataEase DataEase 1.18.4Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________DataEase is vulnerable to SQL injection. A remote attacker could send specially...
