LockBit 3.0 Ransomware Victim: thermae[.]nl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: October 2023
LockBit 3.0 Ransomware Victim: ckgroup[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: erga[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: fcps1[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: tayloredservices[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: raeburns[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: laspesainfamiglia[.]coop
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Zod denial of service | CVE-2023-4316
NAME__________Zod denial of servicePlatforms Affected:Zod Zod 3.22.2Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Zod is vulnerable to a denial of service. By sending...
Zephyr buffer overflow | CVE-2023-5184
NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a buffer overflow, caused by unsigned conversion...
JumpServer information disclosure | CVE-2023-43652
NAME__________JumpServer information disclosurePlatforms Affected:JumpServer JumpServer 2.28.19 JumpServer JumpServer 3.7.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________JumpServer could allow a remote attacker to obtain sensitive...
PrestaShop security bypass | CVE-2023-43664
NAME__________PrestaShop security bypassPlatforms Affected:PrestaShop PrestaShop 8.1.1Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PrestaShop could allow a remote authenticated attacker to bypass security restrictions, caused...
Everest News Pro Theme for WordPress cross-site scripting | CVE-2023-41235
NAME__________Everest News Pro Theme for WordPress cross-site scriptingPlatforms Affected:WordPress Everest News Pro Theme Plugin for WordPress 1.1.7Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Everest...
Samsung Mobile Processor Exynos 2200 denial of service | CVE-2023-41911
NAME__________Samsung Mobile Processor Exynos 2200 denial of servicePlatforms Affected:Samsung Mobile Processor Exynos 2200Risk Level:5.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Samsung Mobile Processor Exynos...
Prestashop security bypass | CVE-2023-43663
NAME__________Prestashop security bypassPlatforms Affected:PrestaShop PrestaShop 8.1.1Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PrestaShop could allow a remote authenticated attacker to bypass security restrictions. By...
Fortect privilege escalation | CVE-2023-42486
NAME__________Fortect privilege escalationPlatforms Affected:Fortect FortectRisk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Fortect could allow a remote authenticated attacker to gain elevated privileges on the...
Dell Common Event Enabler privilege escalation | CVE-2023-32477
NAME__________Dell Common Event Enabler privilege escalationPlatforms Affected:Dell Common Event Enabler 8.9.8.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell Common Event Enabler could allow a...
8 Base Ransomware Victim: Praxis Arndt und Langer
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Daily Vulnerability Trends: Mon Oct 02 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21554Microsoft Message Queuing Remote Code Execution VulnerabilityCVE-2023-43261 No description provided CVE-2023-36845A PHP...
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang
The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors....
New Marvin attack revives 25-year-old decryption flaw in RSA
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been...
Amazon sends Mastercard, Google Play gift card order emails by mistake
10/1/23 update adds Amazon statement below. Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift...
US-CERT Vulnerability Summary for the Week of September 18, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- cyber_protect_home_officeSensitive information disclosure due to insecure folder permissions. The following...
Mellon – OSDP Attack Tool
OSDP attack tool (and the Elvish word for friend) Attack #1: Encryption is Optional OSDP supports, but doesn't strictly require,...
LockBit 3.0 Ransomware Victim: palaciodosleiloes[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
