CISA warns of Android bug exploited by Chinese app to spy on users
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited...
Month: April 2023
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Talon Outdoor
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Dataram
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – discovery – aed07e5e91a732956dba1b37a9a6b48b
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: aed07e5e91a732956dba1b37a9a6b48bSHA1: df1e7a31f48fec1bbc8cadcd3570a6ba7144c7e7ANALYSIS DATE: 2023-04-16T15:24:05ZTTPS: T1018, T1112, T1031, T1089, T1107, T1490, T1562,...
Malware Analysis – amadey – 2cd65f24e1ef47b1c27daf46f55c9351
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:rhadamanthys, family:smokeloader, family:vidar, botnet:623db25256a5734d1207787d269d05b2, botnet:pub1, botnet:sprg, backdoor, collection, discovery, evasion, persistence, ransomware, spyware,...
Malware Analysis – ransomware – 88a69bbc9bfdc9edc263a2024ca1d78d
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 88a69bbc9bfdc9edc263a2024ca1d78dSHA1: f973e09d77438bc01a93e310eb4513f24acc601eANALYSIS DATE: 2023-04-16T16:12:17ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – b4586f74cee9669371f2e64b6678641d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: b4586f74cee9669371f2e64b6678641dSHA1: f855ec126871e24159ac9e0bd438cc08d2eb1770ANALYSIS DATE: 2023-04-16T16:20:15ZTTPS: T1222, T1053, T1005, T1081,...
RubyGems commonmarker gem denial of service |
NAME__________RubyGems commonmarker gem denial of servicePlatforms Affected:RubyGems commonmarker 0.23.8Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________RubyGems commonmarker gem is vulnerable to a denial...
Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F command execution | CVE-2022-40679
NAME__________Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F command executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F could...
Sonos One Speaker information disclosure | CVE-2023-27353
NAME__________Sonos One Speaker information disclosurePlatforms Affected:Sonos One SpeakerRisk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sonos One Speaker could allow a remote attacker to obtain...
Sonos One Speaker information disclosure | CVE-2023-27350
NAME__________Sonos One Speaker information disclosurePlatforms Affected:Sonos One SpeakerRisk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sonos One Speaker could allow a remote attacker to obtain...
VMware Tanzu Spring Framework denial of service | CVE-2023-20863
NAME__________VMware Tanzu Spring Framework denial of servicePlatforms Affected:VMware Tanzu Spring Framework 5.3.0 VMware Tanzu Spring Framework 6.0.0 VMware Tanzu Spring...
WP Data Access plugin for WordPress privilege escalation | CVE-2023-1874
NAME__________WP Data Access plugin for WordPress privilege escalationPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________WP Data Access plugin for WordPress could allow a...
Modal Dialog Plugin for WordPress cross-site scripting | CVE-2023-24001
NAME__________Modal Dialog Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Modal Dialog Plugin for WordPress 3.5.9Risk Level:5.9Exploitability:HighConsequences:Gain Access DESCRIPTION__________Modal Dialog Plugin for...
Vice Society Ransomware Victim: CommScope
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Daily Vulnerability Trends: Sun Apr 16 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-23397Microsoft Outlook Elevation of Privilege VulnerabilityCVE-2023-28231DHCP Server Service Remote Code Execution VulnerabilityCVE-2023-21817Windows...
Cybersecurity Tip: Protecting Yourself Against Phishing Attacks
Phishing attacks are a type of cyber attack where an attacker tries to trick you into revealing sensitive information, such...
NCR suffers Aloha POS outage after BlackCat ransomware attack
Source: NCR Aloha NCR is suffering an outage on its Aloha point of sale platform after being hit by an...
Hackers start abusing Action1 RMM in ransomware attacks
Security researchers are warning that cybercriminals are increasingly using the Action1 remote access software for persistence on compromised networks and...
Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads....
BlackCat/ALPHV Ransomware Victim: Leadway Assurance Company Limited
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
