Month: March 2023

Trusted Computing Group Trusted Platform Module information disclosure | US-CERT VU#782720

March 6, 2023

NAME__________Trusted Computing Group Trusted Platform Module information disclosurePlatforms Affected:Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Trusted...

SourceCodester Health Center Patient Record Management System cross-site scripting | CVE-2023-1156

March 6, 2023

NAME__________SourceCodester Health Center Patient Record Management System cross-site scriptingPlatforms Affected:Sourcecodester Health Center Patient Record Management System 1.0Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SourceCodester...

Cost Calculator plugin for WordPress cross-site scripting | CVE-2023-1155

March 6, 2023

NAME__________Cost Calculator plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Cost Calculator plugin for WordPress 1.8Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Cost Calculator plugin for...

ASOS cross-site scripting | CVE-2023-0577

March 6, 2023

NAME__________ASOS cross-site scriptingPlatforms Affected:ASOS Information Technologies Book Cites 23.01Risk Level:4.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ASOS Information Technologies Book Cites is vulnerable to cross-site...

Saleor information disclosure | CVE-2023-26052

March 6, 2023

NAME__________Saleor information disclosurePlatforms Affected:Saleor Saleor 3.1.47 Saleor Saleor 3.7.58 Saleor Saleor 3.8.29 Saleor Saleor 3.9.26 Saleor Saleor 3.10.13 Saleor Saleor...

Saleor information disclosure | CVE-2023-26051

March 6, 2023

NAME__________Saleor information disclosurePlatforms Affected:Saleor Saleor 3.1.47 Saleor Saleor 3.7.58 Saleor Saleor 3.8.29 Saleor Saleor 3.9.26 Saleor Saleor 3.10.13 Saleor Saleor...

Wireshark CSN.1 dissectors denial of service |

March 6, 2023

NAME__________Wireshark CSN.1 dissectors denial of servicePlatforms Affected:Wireshark Wireshark 3.6.11 Wireshark Wireshark 4.0.3Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Wireshark is vulnerable to a...

Barracuda CloudGen WAN code execution | CVE-2023-26213

March 6, 2023

NAME__________Barracuda CloudGen WAN code executionPlatforms Affected:Barracuda CloudGen WAN 8Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Barracuda CloudGen WAN could allow a remote...

Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm

March 6, 2023

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of...

Malware Analysis – ransomware – 4a6a6b20f1cf998265b089feb5012ac7

March 6, 2023

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4a6a6b20f1cf998265b089feb5012ac7SHA1: aa88da5ce9890bdf997f221a298ca18647f26288ANALYSIS DATE: 2023-03-06T04:51:27ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – djvu – a37fa640918e06175da7722b194c17ab

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a37fa640918e06175da7722b194c17abSHA1: edde020e0685637f4450449a299ecdc5f2997fb5ANALYSIS DATE: 2023-03-06T03:23:57ZTTPS: T1082, T1060, T1112, T1222, T1053,...

Malware Analysis – djvu – 0e9068c4be5e880db73154d4218fd7c5

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 0e9068c4be5e880db73154d4218fd7c5SHA1: 30315cac90f329dbe15efec6c4f79a0eba2f03a2ANALYSIS DATE: 2023-03-06T03:29:20ZTTPS: T1060, T1112, T1222, T1012, T1082,...

Malware Analysis – djvu – 6dc622629cf30ee6350b78c9df50c621

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 6dc622629cf30ee6350b78c9df50c621SHA1: 790e40e189cf8dabcb17a3eda7231d7c09011d89ANALYSIS DATE: 2023-03-06T05:22:26ZTTPS: T1082, T1012, T1005, T1081, T1060,...

Malware Analysis – djvu – b66b5d51679cd1f46f708ab234e4227f

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: b66b5d51679cd1f46f708ab234e4227fSHA1: c8d5949541be77acfa25dc684590846edcb4f803ANALYSIS DATE: 2023-03-06T05:42:05ZTTPS: T1222, T1012, T1082, T1005, T1081,...

Malware Analysis – djvu – 7f136de7223a572a2fc577f6423b647d

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 7f136de7223a572a2fc577f6423b647dSHA1: 7cf22e2a8194e2d99157c0b051d10b7a5ee057b5ANALYSIS DATE: 2023-03-06T05:40:18ZTTPS: T1012, T1005, T1081, T1082, T1053,...

Malware Analysis – djvu – 449277c34c45a5a7e0b9b366a42854b0

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 449277c34c45a5a7e0b9b366a42854b0SHA1: 163fb2d2c6fa956afef9d29a45acade5db89a12dANALYSIS DATE: 2023-03-06T05:31:52ZTTPS: T1005, T1081, T1060, T1112, T1222,...

GunAuction.com – 565,470 breached accounts

March 6, 2023

HIBP In December 2022, the online firearms auction website GunAuction.com suffered a data breach which was later discovered left unprotected...

LBB – 39,288 breached accounts

March 6, 2023

HIBP In August 2022, customer data of the Indian shopping site "LBB" (Little Black Book) was posted to a popular...

Vice Society Ransomware Victim: HAW Hamburg

March 6, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – persistence – 23ed5b08fd2575622addefa1b07adc1e

March 6, 2023

Score: 6 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 23ed5b08fd2575622addefa1b07adc1eSHA1: efee24317ff461103fa7f72b5f8b986f3c6eff50ANALYSIS DATE: 2023-03-05T21:03:20ZTTPS: T1491, T1112, T1060 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – djvu – bd584c26eb1bde0cf75b0ccf64f4b64a

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: bd584c26eb1bde0cf75b0ccf64f4b64aSHA1: ce6ca89cf1ed0be301ccdceab75968fc2a6582a6ANALYSIS DATE: 2023-03-05T21:40:47ZTTPS: T1222, T1012, T1082, T1005, T1081,...

Malware Analysis – djvu – e5a6fdb93a403d174e1f51d52baaf410

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: e5a6fdb93a403d174e1f51d52baaf410SHA1: 9862d7fd9b8fb94651dc1792c985886997f57f5bANALYSIS DATE: 2023-03-05T21:36:24ZTTPS: T1005, T1081, T1222, T1082, T1012,...

Malware Analysis – djvu – df2e55e02bed6ff498732664504ca465

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: df2e55e02bed6ff498732664504ca465SHA1: 0cf21403bef8c801b84d934b738fb1f30cd1df94ANALYSIS DATE: 2023-03-05T21:35:07ZTTPS: T1060, T1112, T1082, T1005, T1081,...

Malware Analysis – djvu – 7dbba7788d5ab9706aa1a3ac1cde5b79

March 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 7dbba7788d5ab9706aa1a3ac1cde5b79SHA1: bc4d6ced2ec3137206cd4379e172632360be6f39ANALYSIS DATE: 2023-03-05T21:48:58ZTTPS: T1053, T1005, T1081, T1222, T1082,...

Month: March 2023

Trusted Computing Group Trusted Platform Module information disclosure | US-CERT VU#782720

SourceCodester Health Center Patient Record Management System cross-site scripting | CVE-2023-1156

Cost Calculator plugin for WordPress cross-site scripting | CVE-2023-1155

ASOS cross-site scripting | CVE-2023-0577

Saleor information disclosure | CVE-2023-26052

Saleor information disclosure | CVE-2023-26051

Wireshark CSN.1 dissectors denial of service |

Barracuda CloudGen WAN code execution | CVE-2023-26213

Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm

Malware Analysis – ransomware – 4a6a6b20f1cf998265b089feb5012ac7

Malware Analysis – djvu – a37fa640918e06175da7722b194c17ab

Malware Analysis – djvu – 0e9068c4be5e880db73154d4218fd7c5

Malware Analysis – djvu – 6dc622629cf30ee6350b78c9df50c621

Malware Analysis – djvu – b66b5d51679cd1f46f708ab234e4227f

Malware Analysis – djvu – 7f136de7223a572a2fc577f6423b647d

Malware Analysis – djvu – 449277c34c45a5a7e0b9b366a42854b0

GunAuction.com – 565,470 breached accounts

LBB – 39,288 breached accounts

Vice Society Ransomware Victim: HAW Hamburg

Malware Analysis – persistence – 23ed5b08fd2575622addefa1b07adc1e

Malware Analysis – djvu – bd584c26eb1bde0cf75b0ccf64f4b64a

Malware Analysis – djvu – e5a6fdb93a403d174e1f51d52baaf410

Malware Analysis – djvu – df2e55e02bed6ff498732664504ca465

Malware Analysis – djvu – 7dbba7788d5ab9706aa1a3ac1cde5b79

[HUNTERS] – Ransomware Victim: Ace Laboratories Limited

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

CISA: CISA Releases Three Industrial Control Systems Advisories

You may have missed