Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21939
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle Java SE 8u361 Oracle Java SE 8u361-perf Oracle Java SE 11.0.18...
Month: April 2023
Omron CS/CJ Series information disclosure | CVE-2022-45794
NAME__________Omron CS/CJ Series information disclosurePlatforms Affected:OMRON SYSMAC CJ2H-CPU6-EIP OMRON SYSMAC CJ2H-CPU6 OMRON SYSMAC CJ1G-CPUP OMRON SYSMAC CS1H-CPUH OMRON SYSMAC CS1G-CPUH...
Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21954
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle Java SE 8u361 Oracle Java SE 8u361-perf Oracle Java SE 11.0.18...
Secomea GateManager security bypass | CVE-2022-4308
NAME__________Secomea GateManager security bypassPlatforms Affected:Jsish Jsish 3.0.11Risk Level:6.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Secomea GateManager could allow a local attacker to bypass security restrictions,...
Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE unspecified | CVE-2023-21930
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 20.3.5 Oracle GraalVM...
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the...
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors...
Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinctive from...
Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to...
Terravision – 2,075,625 breached accounts
HIBP In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records...
CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities
CISA and Partners Release Cybersecurity Best Practices for Smart Cities Today, CISA, NSA, FBI, NCSC-UK(link is external), ACSC(link is external),...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – djvu – d40e6770732b567015fd74c4ad7ab22b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: d40e6770732b567015fd74c4ad7ab22bSHA1: 112d0a3a264ccb52d809cb8c3359733221fc1d1bANALYSIS DATE: 2023-04-23T16:11:01ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – ransomware – e0c0eb3003d60d0f9b138b99386f3ac5
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e0c0eb3003d60d0f9b138b99386f3ac5SHA1: 490055d08a5e685a9273ccdc21562d6e61f085ceANALYSIS DATE: 2023-04-23T15:53:28ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – a138167f24490e16fc61019313b21fe9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: a138167f24490e16fc61019313b21fe9SHA1: 09083bb5f45cc3e4109d48980b01eb8ce97aad85ANALYSIS DATE: 2023-04-23T16:50:27ZTTPS: T1222, T1012, T1082, T1053,...