Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning...
Month: August 2023
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to...
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria,...
Akira Ransomware Victim: Räddningstjänsten Vä stra Blekinge
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Koury Engineering
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Papel Prensa SA
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
VMware Horizon Server information disclosure | CVE-2023-34038
NAME__________VMware Horizon Server information disclosurePlatforms Affected:VMware Horizon Server 2303 VMware Horizon Server 2212 VMware Horizon Server 2209 VMware Horizon Server...
VMware Horizon Server request smuggling | CVE-2023-34037
NAME__________VMware Horizon Server request smugglingPlatforms Affected:VMware Horizon Server 2303 VMware Horizon Server 2212 VMware Horizon Server 2209 VMware Horizon Server...
PHP information disclosure | CVE-2023-3823
NAME__________PHP information disclosurePlatforms Affected:PHP PHP 8.1.21 PHP PHP 8.0.29Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PHP could allow a remote attacker to obtain sensitive...
Cloudflare odoh-rs denial of service | CVE-2023-3766
NAME__________Cloudflare odoh-rs denial of servicePlatforms Affected:Cloudflare odoh-rs 1.0.1Risk Level:5.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Cloudflare odoh-rs is vulnerable to a denial of service,...
Codesys products denial of service | CVE-2023-37548
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products denial of service | CVE-2023-37558
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products security bypass | CVE-2023-37551
NAME__________Codesys products security bypassPlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL CODESYS...
PHPJabbers Night Club Booking cross-site scripting | CVE-2023-4114
NAME__________PHPJabbers Night Club Booking cross-site scriptingPlatforms Affected:PHPJabbers Night Club Booking 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Night Club Booking is vulnerable to...
Fabasoft Cloud Enterprise Client privilege escalation | CVE-2023-32764
NAME__________Fabasoft Cloud Enterprise Client privilege escalationPlatforms Affected:Fabasoft Cloud Enterprise Client 23.3.0.130Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Fabasoft Cloud Enterprise Client could allow a...
Codesys products denial of service | CVE-2023-37552
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products denial of service | CVE-2023-37555
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
PHPJabbers Service Booking Script cross-site scripting | CVE-2023-4113
NAME__________PHPJabbers Service Booking Script cross-site scriptingPlatforms Affected:PHPJabbers Service Booking Script 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Service Booking Script is vulnerable to...
Codesys products denial of service | CVE-2023-37556
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products denial of service | CVE-2023-37559
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Node.js wrangler module directory traversal | CVE-2023-3348
NAME__________Node.js wrangler module directory traversalPlatforms Affected:Node.js wrangler 3.1.0 Node.js wrangler 3.0.1 Node.js wrangler 3.0.0Risk Level:5.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Node.js wrangler module could...
Codesys products denial of service | CVE-2023-37549
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
CODESYS Development System information disclosure | CVE-2023-3669
NAME__________CODESYS Development System information disclosurePlatforms Affected:CODESYS Development System 3.5.17.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________CODESYS Development System could allow a local authenticated attacker...
PHPJabbers Availability Booking Calendar cross-site scripting | CVE-2023-4110
NAME__________PHPJabbers Availability Booking Calendar cross-site scriptingPlatforms Affected:PHPJabbers Availability Booking Calendar 5.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Availability Booking Calendar is vulnerable to...
