Ransomware review: October 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Month: October 2023
Medusa Locker Ransomware Victim: SIMTA
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Evasión
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Neodata
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: ZOUARY & Associés
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Dark Angel Victim: CannonDesign
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Dark Angel Victim: Roper & Vertafore
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Dark Angel Victim: Robins & Morton
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Dark Angel Victim: Go-Ahead Group
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
SAP BusinessObjects Web Intelligence cross-site scripting | CVE-2023-42474
NAME__________SAP BusinessObjects Web Intelligence cross-site scriptingPlatforms Affected:SAP BusinessObjects Web Intelligence 420Risk Level:6.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SAP BusinessObjects Web Intelligence is vulnerable to...
Fortinet FortiManager and FortiAnalyzer security bypass | CVE-2023-42787
NAME__________Fortinet FortiManager and FortiAnalyzer security bypassPlatforms Affected:Fortinet FortiAnalyzer 6.2.0 Fortinet FortiManager 7.0.0 Fortinet FortiAnalyzer 7.0.0 Fortinet FortiManager 6.4.0 Fortinet FortiAnalyzer...
SAP Business One information disclosure | CVE-2023-41365
NAME__________SAP Business One information disclosurePlatforms Affected:SAP Business One 10Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________SAP Business One could allow a remote authenticated attacker...
Siemens SIMATIC CP Devices denial of service | CVE-2023-37195
NAME__________Siemens SIMATIC CP Devices denial of servicePlatforms Affected:Siemens SIMATIC CP 1604 Siemens SIMATIC CP 1623 Siemens SIMATIC CP 1626 Siemens...
Adobe Commerce and Magento Open Source server-side request forgery | CVE-2023-26366
NAME__________Adobe Commerce and Magento Open Source server-side request forgeryPlatforms Affected:Adobe Commerce 2.4.6 Adobe Commerce 2.4.5-p2 Adobe Commerce 2.4.4-p3 Adobe Commerce...
Microsoft Windows TCP/IP denial of service | CVE-2023-36602
NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Siemens SINEC NMS cross-site scripting | CVE-2023-44315
NAME__________Siemens SINEC NMS cross-site scriptingPlatforms Affected:Siemens SINEC NMS 1.0Risk Level:4.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Siemens SINEC NMS is vulnerable to cross-site scripting, caused...
Apache Tomcat denial of service | CVE-2023-42794
NAME__________Apache Tomcat denial of servicePlatforms Affected:Apache Tomcat 8.5.85 Apache Tomcat 9.0.71Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Apache Tomcat is vulnerable to a...
Fortinet FortiOS cross-site scripting | CVE-2023-36555
NAME__________Fortinet FortiOS cross-site scriptingPlatforms Affected:Fortinet FortiOS 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiOS 7.2.4Risk Level:3.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Fortinet FortiOS is vulnerable to...
Adobe Commerce and Magento Open Source denial of service | CVE-2023-38251
NAME__________Adobe Commerce and Magento Open Source denial of servicePlatforms Affected:Adobe Commerce 2.4.3 Adobe Commerce 2.3.7-p2 Adobe Commerce 2.4.4 Adobe Commerce...
Apache Tomcat information disclosure | CVE-2023-42795
NAME__________Apache Tomcat information disclosurePlatforms Affected:Apache Tomcat 8.5.0 Apache Tomcat 9.0.0.M1 Apache Tomcat 10.1.0-M1 Apache Tomcat 11.0.0-M1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Tomcat...
Fortinet FortiManager and FortiAnalyzer information disclosure | CVE-2023-44249
NAME__________Fortinet FortiManager and FortiAnalyzer information disclosurePlatforms Affected:Fortinet FortiAnalyzer 6.2.0 Fortinet FortiManager 7.0.0 Fortinet FortiAnalyzer 7.0.0 Fortinet FortiManager 6.4.0 Fortinet FortiManager...
Siemens Parasolid code execution | CVE-2023-44082
NAME__________Siemens Parasolid code executionPlatforms Affected:Siemens Parasolid 35.0 Siemens Tecnomatix Plant Simulation 2201 Siemens Tecnomatix Plant Simulation 2302 Siemens Parasolid 35.1...
Siemens SICAM PAS/PQS privilege escalation | CVE-2023-45205
NAME__________Siemens SICAM PAS/PQS privilege escalationPlatforms Affected:Siemens SICAM PAS 8.00 Siemens SICAM PAS 8.21 Siemens SICAM PQS 8.00 Siemens SICAM PQS...
Fortinet FortiOS and FortiProxy denial of service | CVE-2023-41675
NAME__________Fortinet FortiOS and FortiProxy denial of servicePlatforms Affected:Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy 7.2.0 Fortinet...
