Iranian Nation-State Actor OilRig Targets Israeli Organizations
Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in...
Month: September 2023
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Dynmx – Signature-based Detection Of Malware Features Based On Windows API Call Sequences
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a...
HackerOne Bug Bounty Disclosure: b-email-verification-bypass-for-manual-connection-setup-service-credentials-b-yozzo
Company Name: b'Nord Security' Company HackerOne URL: https://hackerone.com/nordsecurity Submitted By:b'yozzo_'Link to Submitters Profile:https://hackerone.com/b'yozzo_' Report Title:b'Email verification bypass for manual connection...
Posh C2 Detected – 20[.]61[.]115[.]115:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 94[.]198[.]53[.]89:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: tuvsud[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sinloc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: clearcreek[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: carthagehospital[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: milbermakris[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: pelicanwoodcliff[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: beamconstruction[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: perfectlaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Hotel Druid SQL injection | CVE-2023-43374
NAME__________Hotel Druid SQL injectionPlatforms Affected:HotelDruid HotelDruid 3.0.5Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Hotel Druid is vulnerable to SQL injection. A remote attacker could...
Fl3xx Dispatch app for iOS and Fl3xx Crew privilege escalation | CVE-2023-42334
NAME__________Fl3xx Dispatch app for iOS and Fl3xx Crew privilege escalationPlatforms Affected:Fl3xx Fl3xx Dispatch app for iOS 2.10.37 Fl3xx Fl3xx Crew...
Mastodon spoofing | CVE-2023-42451
NAME__________Mastodon spoofingPlatforms Affected:Mastodon Mastodon 4.2.0-beta1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mastodon could allow a remote attacker to conduct spoofing attacks, caused by an...
Fl3xx Dispatch app for iOS and Fl3xx Crew file upload | CVE-2023-42335
NAME__________Fl3xx Dispatch app for iOS and Fl3xx Crew file uploadPlatforms Affected:Fl3xx Fl3xx Dispatch app for iOS 2.10.37 Fl3xx Fl3xx Crew...
Nozomi Networks Guardian and CMC denial of service | CVE-2023-32649
NAME__________Nozomi Networks Guardian and CMC denial of servicePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nozomi Networks Guardian and CMC...
Progress MOVEit Transfer cross-site scripting | CVE-2023-42656
NAME__________Progress MOVEit Transfer cross-site scriptingPlatforms Affected:Progress MOVEit Transfer 2018 SP2 (10.2) Progress MOVEit Transfer 2019 (11.0) Progress MOVEit Transfer 2019.1...
Snapview Tungstenite crate for Rust denial of service | CVE-2023-43669
NAME__________Snapview Tungstenite crate for Rust denial of servicePlatforms Affected:Snapview Tungstenite crate for Rust 0.20.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Snapview Tungstenite crate...
Mastodon server-side request forgery | CVE-2023-42450
NAME__________Mastodon server-side request forgeryPlatforms Affected:Mastodon Mastodon 4.2.0-beta1Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mastodon is vulnerable to server-side request forgery, caused by improper input...
Ashlar-Vellum Cobalt code execution | CVE-2023-42103
NAME__________Ashlar-Vellum Cobalt code executionPlatforms Affected:Ashlar-Vellum CobaltRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ashlar-Vellum Cobalt could allow a remote attacker to execute arbitrary code on...
AMD Driver Execution Environment (DXE) driver information disclosure | CVE-2023-20597
NAME__________AMD Driver Execution Environment (DXE) driver information disclosurePlatforms Affected:AMD 3rd Generation EPYC AMD Ryzen 5000 Series processors AMD Ryzen 4000...
