Month: August 2023

CISA

CISA: CISA Releases Two Industrial Control Systems Advisories

August 15, 2023

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...

CISA

CISA: CISA Releases Twelve Industrial Control Systems Advisories

August 15, 2023

CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...

News

US-CERT Vulnerability Summary for the Week of August 7, 2023

August 14, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...

HackerOne Bug Bounty Disclosure: b-html-injection-on-newsroom-snap-com-via-search-q-b-jotita

August 14, 2023

Company Name: b'Snapchat' Company HackerOne URL: https://hackerone.com/snapchat Submitted By:b'jotita3'Link to Submitters Profile:https://hackerone.com/b'jotita3' Report Title:b'HTML injection on newsroom.snap.com/* via search?q=1'Report Link:https://hackerone.com/reports/2018615Date...

HackerOne Bug Bounty Disclosure: b-path-traversal-allows-tricking-the-talk-android-app-into-writing-files-into-it-s-root-directory-b-fr-via

August 14, 2023

Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'fr4via'Link to Submitters Profile:https://hackerone.com/b'fr4via' Report Title:b"Path traversal allows tricking the Talk Android...

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

August 14, 2023

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at...

QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

August 14, 2023

A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and...

Medusa Locker Ransomware Victim: Borets (Levare[.]com)

August 14, 2023

Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Medusa Locker Ransomware Victim: CB Energy Australlia

August 14, 2023

Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

August 14, 2023

Germany's Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations...

Identity Threat Detection and Response: Rips in Your Identity Fabric

August 14, 2023

Why SaaS Security Is a Challenge# In today's digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive...

New Financial Malware ‘JanelaRAT’ Targets Latin American Users

August 14, 2023

Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information...

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First

August 14, 2023

The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was...

Siemens JT2Go, Teamcenter Visualization and Solid Edge code execution | CVE-2023-28830

August 14, 2023

NAME__________Siemens JT2Go, Teamcenter Visualization and Solid Edge code executionPlatforms Affected:Siemens JT2Go 14.2.0.4Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens JT2Go, Teamcenter Visualization and Solid...

Siemens JT Open, JT Utilities code execution | CVE-2023-30796

August 14, 2023

NAME__________Siemens JT Open, JT Utilities code executionPlatforms Affected:Siemens JT Utilities Siemens Parasolid 35.0 Siemens Parasolid 34.1 Siemens Parasolid 34.0 Siemens...

Nozomi Networks Guardian/CMC cross-site scripting | CVE-2023-22843

August 14, 2023

NAME__________Nozomi Networks Guardian/CMC cross-site scriptingPlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Nozomi Networks Guardian/CMC is vulnerable to cross-site scripting, caused...

Nozomi Networks Guardian/CMC denial of service | CVE-2023-24015

August 14, 2023

NAME__________Nozomi Networks Guardian/CMC denial of servicePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nozominetworks Nozomi Networks Guardian/CMC is vulnerable to...

Siemens JT Open, JT Utilities code execution | CVE-2023-30795

August 14, 2023

NAME__________Siemens JT Open, JT Utilities code executionPlatforms Affected:Siemens JT Utilities Siemens Parasolid 35.0 Siemens Parasolid 34.1 Siemens Parasolid 34.0 Siemens...

HCL DRYiCE MyCloud information disclosure | CVE-2023-23346

August 14, 2023

NAME__________HCL DRYiCE MyCloud information disclosurePlatforms Affected:HCL DRYiCE MyCloud 10.2 HCL DRYiCE MyCloud 10.4 HCL DRYiCE MyCloud 10.5 HCL DRYiCE MyCloud...

HashiCorp Consul and Consul Enterprise denial of service | CVE-2023-3518

August 14, 2023

NAME__________HashiCorp Consul and Consul Enterprise denial of servicePlatforms Affected:HashiCorp Consul and Consul Enterprise 1.16.0Risk Level:7.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________HashiCorp Consul and...

Sentry security bypass | CVE-2023-39531

August 14, 2023

NAME__________Sentry security bypassPlatforms Affected:Sentry Sentry 23.7.1Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Sentry could allow a remote authenticated attacker to bypass security restrictions, caused...

Cacti information disclosure | CVE-2023-37543

August 14, 2023

NAME__________Cacti information disclosurePlatforms Affected:Cacti Cacti 1.2.5Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Cacti could allow a remote attacker to obtain sensitive information, caused by...

Nozomi Networks Guardian/CMC information disclosure | CVE-2023-24471

August 14, 2023

NAME__________Nozomi Networks Guardian/CMC information disclosurePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nozomi Networks Guardian/CMC could allow a remote authenticated attacker...

HCL DRYiCE iAutomate information disclosure | CVE-2023-23347

August 14, 2023

NAME__________HCL DRYiCE iAutomate information disclosurePlatforms Affected:HCL DRYiCE iAutomate 6.0 HCL DRYiCE iAutomate 6.1 HCL DRYiCE iAutomate 6.2Risk Level:6.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________HCL...

Month: August 2023

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA Releases Twelve Industrial Control Systems Advisories

US-CERT Vulnerability Summary for the Week of August 7, 2023

HackerOne Bug Bounty Disclosure: b-html-injection-on-newsroom-snap-com-via-search-q-b-jotita

HackerOne Bug Bounty Disclosure: b-path-traversal-allows-tricking-the-talk-android-app-into-writing-files-into-it-s-root-directory-b-fr-via

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

Medusa Locker Ransomware Victim: Borets (Levare[.]com)

Medusa Locker Ransomware Victim: CB Energy Australlia

Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

Identity Threat Detection and Response: Rips in Your Identity Fabric

New Financial Malware ‘JanelaRAT’ Targets Latin American Users

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First

Siemens JT2Go, Teamcenter Visualization and Solid Edge code execution | CVE-2023-28830

Siemens JT Open, JT Utilities code execution | CVE-2023-30796

Nozomi Networks Guardian/CMC cross-site scripting | CVE-2023-22843

Nozomi Networks Guardian/CMC denial of service | CVE-2023-24015

Siemens JT Open, JT Utilities code execution | CVE-2023-30795

HCL DRYiCE MyCloud information disclosure | CVE-2023-23346

HashiCorp Consul and Consul Enterprise denial of service | CVE-2023-3518

Sentry security bypass | CVE-2023-39531

Cacti information disclosure | CVE-2023-37543

Nozomi Networks Guardian/CMC information disclosure | CVE-2023-24471

HCL DRYiCE iAutomate information disclosure | CVE-2023-23347

[INCRANSOM] – Ransomware Victim: Darlington EMS

[INCRANSOM] – Ransomware Victim: Schuck-Gruppe

[APT73] – Ransomware Victim: gureco[.]pl

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

[INCRANSOM] – Ransomware Victim: IPE Engwicht

You may have missed