Daily Threat Intelligence – April 05 – 2023
It seems we may have bumped across one of the fastest ransomware strains ever observed. Named Rorschach, it encrypts files...
Month: April 2023
BugCrowd Bug Bounty Disclosure: – Clickjacking with reflected xss and redirected to google – By Orange_hacker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
An unknown threat actor used a malicious self-extracting archive (SFX) file in an attempt to establish persistent backdoor access to...
Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers,...
CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
Portuguese users are being targeted by a new malware codenamed CryptoClippy that's capable of stealing cryptocurrency as part of a...
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
Protect Your Company: Ransomware Prevention Made Easy
Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses,...
Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs...
LockBit 3.0 Ransomware Victim: tvh[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: olympia[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: omscomponents[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: masrl[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Grade Point Average (GPA) Calculator cross-site scripting | CVE-2023-1771
NAME__________Grade Point Average (GPA) Calculator cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Grade Point Average (GPA) Calculator is vulnerable to cross-site scripting,...
Multiple QNAP operating systems information disclosure | CVE-2022-27598
NAME__________Multiple QNAP operating systems information disclosurePlatforms Affected:QNAP QTS QNAP QuTS hero QNAP QuTScloud QNAP QVP (QVR Pro appliances)Risk Level:2.7Exploitability:UnprovenConsequences:Obtain Information...
QNAP QTS, QNAP QuTS hero, QNAP QuTScloud, QNAP QVP (QVR Pro appliances), and QNAP QVR command execution | CVE-2023-23355
NAME__________QNAP QTS, QNAP QuTS hero, QNAP QuTScloud, QNAP QVP (QVR Pro appliances), and QNAP QVR command executionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access...
PowerDNS Recursor denial of service | CVE-2023-26437
NAME__________PowerDNS Recursor denial of servicePlatforms Affected:Risk Level:3.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________PowerDNS Recursor is vulnerable to a denial of service, caused by...
Multiple QNAP operating systems information disclosure | CVE-2022-27597
NAME__________Multiple QNAP operating systems information disclosurePlatforms Affected:QNAP QTS QNAP QuTS hero QNAP QuTScloud QNAP QVP (QVR Pro appliances)Risk Level:2.7Exploitability:UnprovenConsequences:Obtain Information...
HCL Launch cross-site scripting | CVE-2022-42452
NAME__________HCL Launch cross-site scriptingPlatforms Affected:Risk Level:4.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________HCL Launch is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NASM denial of service | CVE-2022-44368
NAME__________NASM denial of servicePlatforms Affected:Risk Level:5.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________NASM is vulnerable to a denial of service, caused by...
NASM denial of service | CVE-2022-44370
NAME__________NASM denial of servicePlatforms Affected:Risk Level:5.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________NASM is vulnerable to a denial of service, caused by...
NASM denial of service | CVE-2022-44369
NAME__________NASM denial of servicePlatforms Affected:Risk Level:5.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________NASM is vulnerable to a denial of service, caused by...
Microsoft 3D Builder information disclosure |
NAME__________Microsoft 3D Builder information disclosurePlatforms Affected:Microsoft 3D BuilderRisk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft 3D Builder could allow a remote attacker to obtain...
Microsoft 3D Builder code execution |
NAME__________Microsoft 3D Builder code executionPlatforms Affected:Microsoft 3D BuilderRisk Level:6.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft 3D Builder could allow a remote attacker to execute...
