Month: April 2023

Basta

Black Basta Ransomware Victim: Precision Fabrics Group

April 21, 2023

Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

uptycs

14 Kubernetes and Cloud Security Challenges and How to Solve Them

April 21, 2023

Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These...

af05d63365dfb8384d32e0e5cf997154fb8434dcd0f0fa89c78fc3b4cb3b8439

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

April 21, 2023

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company,...

LockBit 3.0 Ransomware Victim: tubosreunidosgroup[.]com

April 21, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: pkffinconta[.]ro

April 21, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: soapro[.]ao

April 21, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: soshin[.]co[.]jp

April 21, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: ibp[.]com[.]br

April 21, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

CVE prog

VMware Tanzu Spring Security security bypass | CVE-2023-20862

April 21, 2023

NAME__________VMware Tanzu Spring Security security bypassPlatforms Affected:VMware Tanzu Spring Security 5.7.0 VMware Tanzu Spring Security 5.7.7 VMware Tanzu Spring Security...

CVE prog

Strapi information disclosure | CVE-2023-22894

April 21, 2023

NAME__________Strapi information disclosurePlatforms Affected:Strapi Strapi 4.5.5Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Strapi could allow a remote attacker to obtain sensitive information, caused by...

CVE prog

Joruri GW cross-site scripting | CVE-2023-27888

April 21, 2023

NAME__________Joruri GW cross-site scriptingPlatforms Affected:Joruri Joruri Gw 3.2.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Joruri GW is vulnerable to cross-site scripting, caused by improper...

CVE prog

Omron CS/CJ Series information disclosure | CVE-2022-45794

April 21, 2023

NAME__________Omron CS/CJ Series information disclosurePlatforms Affected:OMRON SYSMAC CJ2H-CPU6-EIP OMRON SYSMAC CJ2H-CPU6 OMRON SYSMAC CJ1G-CPUP OMRON SYSMAC CS1H-CPUH OMRON SYSMAC CS1G-CPUH...

CVE prog

Cloud Hypervisor security bypass | CVE-2023-30612

April 21, 2023

NAME__________Cloud Hypervisor security bypassPlatforms Affected:Cloud Hypervisor Cloud Hypervisor 30.0 Cloud Hypervisor Cloud Hypervisor 31.0Risk Level:4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cloud Hypervisor could allow...

CVE prog

AWS aws-sigv4 information disclosure | CVE-2023-30610

April 21, 2023

NAME__________AWS aws-sigv4 information disclosurePlatforms Affected:AWS aws-sigv4 0.55.0 AWS aws-sigv4 0.54.1 AWS aws-sigv4 0.53.1 AWS aws-sigv4 0.52.0 AWS aws-sigv4 0.51.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain...

CVE prog

Weaver Show Posts Plugin for WordPress cross-site scripting | CVE-2023-1404

April 21, 2023

NAME__________Weaver Show Posts Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Weaver Show Posts Theme for WordPress 1.6Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Weaver Show...

CVE prog

Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21939

April 21, 2023

NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle Java SE 8u361 Oracle Java SE 8u361-perf Oracle Java SE 11.0.18...

CVE prog

Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21937

April 21, 2023

NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle Java SE 8u361 Oracle Java SE 8u361-perf Oracle Java SE 11.0.18...

CVE prog

Discourse cross-site scripting | CVE-2023-30538

April 21, 2023

NAME__________Discourse cross-site scriptingPlatforms Affected:Discourse Discourse 3.0.1 Discourse Discourse 3.1.0.beta2Risk Level:3.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse is vulnerable to cross-site scripting, caused by improper...

CVE prog

Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21938

April 21, 2023

NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 20.3.8 Oracle GraalVM Enterprise Edition 21.3.4 Oracle GraalVM...

CVE prog

Weaver Xtreme Theme for WordPress cross-site scripting | CVE-2023-1403

April 21, 2023

NAME__________Weaver Xtreme Theme for WordPress cross-site scriptingPlatforms Affected:WordPress menu shortcode Plugin for WordPress 1.0 WordPress Weaver Xtreme theme for WordPress...

CVE prog

Code Sector TeraCopy information disclosure | CVE-2023-29586

April 21, 2023

NAME__________Code Sector TeraCopy information disclosurePlatforms Affected:Code Sector TeraCopy 3.9.7Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Code Sector TeraCopy could allow a remote attacker to...

CVE prog

Prestashop Shoppingfeed SQL injection | CVE-2023-28839

April 21, 2023

NAME__________Prestashop Shoppingfeed SQL injectionPlatforms Affected:PrestaShop Shoppingfeed module for PrestaShop 1.8.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop Shoppingfeed module is vulnerable to SQL injection....

CVE prog

Discourse Reactions information disclosure | CVE-2023-30611

April 21, 2023

NAME__________Discourse Reactions information disclosurePlatforms Affected:Discourse Discourse Reactions 0.3Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Discourse Reactions could allow a remote attacker to obtain sensitive...

CVE prog

Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE unspecified | CVE-2023-21930

April 21, 2023

NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 20.3.5 Oracle GraalVM...

[KILLSEC] – Ransomware Victim: Nationwide Legal

November 24, 2024

[KILLSEC] – Ransomware Victim: Eassy Life

November 24, 2024

[INCRANSOM] – Ransomware Victim: Service Avicole JGL

November 24, 2024

[KILLSEC] – Ransomware Victim: Vogue Homes

November 24, 2024

[KILLSEC] – Ransomware Victim: Efi Sales

November 24, 2024