Dynmx – Signature-based Detection Of Malware Features Based On Windows API Call Sequences
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a...
Year: 2023
HackerOne Bug Bounty Disclosure: b-email-verification-bypass-for-manual-connection-setup-service-credentials-b-yozzo
Company Name: b'Nord Security' Company HackerOne URL: https://hackerone.com/nordsecurity Submitted By:b'yozzo_'Link to Submitters Profile:https://hackerone.com/b'yozzo_' Report Title:b'Email verification bypass for manual connection...
Posh C2 Detected – 20[.]61[.]115[.]115:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 94[.]198[.]53[.]89:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: tuvsud[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sinloc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: clearcreek[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: carthagehospital[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: milbermakris[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: pelicanwoodcliff[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: beamconstruction[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: perfectlaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Hotel Druid SQL injection | CVE-2023-43374
NAME__________Hotel Druid SQL injectionPlatforms Affected:HotelDruid HotelDruid 3.0.5Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Hotel Druid is vulnerable to SQL injection. A remote attacker could...
Fl3xx Dispatch app for iOS and Fl3xx Crew privilege escalation | CVE-2023-42334
NAME__________Fl3xx Dispatch app for iOS and Fl3xx Crew privilege escalationPlatforms Affected:Fl3xx Fl3xx Dispatch app for iOS 2.10.37 Fl3xx Fl3xx Crew...
Mastodon spoofing | CVE-2023-42451
NAME__________Mastodon spoofingPlatforms Affected:Mastodon Mastodon 4.2.0-beta1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mastodon could allow a remote attacker to conduct spoofing attacks, caused by an...
Fl3xx Dispatch app for iOS and Fl3xx Crew file upload | CVE-2023-42335
NAME__________Fl3xx Dispatch app for iOS and Fl3xx Crew file uploadPlatforms Affected:Fl3xx Fl3xx Dispatch app for iOS 2.10.37 Fl3xx Fl3xx Crew...
Nozomi Networks Guardian and CMC denial of service | CVE-2023-32649
NAME__________Nozomi Networks Guardian and CMC denial of servicePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nozomi Networks Guardian and CMC...
Progress MOVEit Transfer cross-site scripting | CVE-2023-42656
NAME__________Progress MOVEit Transfer cross-site scriptingPlatforms Affected:Progress MOVEit Transfer 2018 SP2 (10.2) Progress MOVEit Transfer 2019 (11.0) Progress MOVEit Transfer 2019.1...
Snapview Tungstenite crate for Rust denial of service | CVE-2023-43669
NAME__________Snapview Tungstenite crate for Rust denial of servicePlatforms Affected:Snapview Tungstenite crate for Rust 0.20.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Snapview Tungstenite crate...
Mastodon server-side request forgery | CVE-2023-42450
NAME__________Mastodon server-side request forgeryPlatforms Affected:Mastodon Mastodon 4.2.0-beta1Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mastodon is vulnerable to server-side request forgery, caused by improper input...
Ashlar-Vellum Cobalt code execution | CVE-2023-42103
NAME__________Ashlar-Vellum Cobalt code executionPlatforms Affected:Ashlar-Vellum CobaltRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ashlar-Vellum Cobalt could allow a remote attacker to execute arbitrary code on...
AMD Driver Execution Environment (DXE) driver information disclosure | CVE-2023-20597
NAME__________AMD Driver Execution Environment (DXE) driver information disclosurePlatforms Affected:AMD 3rd Generation EPYC AMD Ryzen 5000 Series processors AMD Ryzen 4000...
Dell SCG Policy Manager man-in-the-middle | CVE-2023-39252
NAME__________Dell SCG Policy Manager man-in-the-middlePlatforms Affected:Dell EMC SCG Policy Manager 5.16.00.14Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell SCG Policy Manager is vulnerable to...
iCMS cross-site request forgery | CVE-2023-42321
NAME__________iCMS cross-site request forgeryPlatforms Affected:iCMS iCMS 7.0.16Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________iCMS is vulnerable to cross-site request forgery, caused by improper validation...
