Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Month: February 2024
Malicious Ads For Restricted Messaging Applications Target Chinese Users
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Nitrogen Shelling Malware From Hacked Sites
Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its...
2024 State Of Ransomware In Education 92 Spike In K 12 Attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Ransomware Review January 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Medusa Locker Ransomware Victim: Galaxy Fireworks, Inc
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Akira Ransomware Victim: Sefin
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and...
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the...
Why the Right Metrics Matter When it Comes to Vulnerability Management
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics,...
LockBit 3.0 Ransomware Victim: caravanclub[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
60IndexPage server-side request forgery | CVE-2024-0946
NAME__________60IndexPage server-side request forgeryPlatforms Affected:60IndexPage 60IndexPage 1.8.5 60IndexPage 60IndexPage 1.8.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________60IndexPage is vulnerable to server-side request forgery, caused...
REBUILD cross-site scripting | CVE-2024-1020
NAME__________REBUILD cross-site scriptingPlatforms Affected:Rebuild Rebuild 2.8.3Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________REBUILD is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
REBUILD server-side request forgery | CVE-2024-1021
NAME__________REBUILD server-side request forgeryPlatforms Affected:Rebuild Rebuild 2.8.3Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________REBUILD is vulnerable to server-side request forgery, caused by a flaw...
Tenda i6 buffer overflow | CVE-2024-0990
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
OpenText AppBuilder information disclosure | CVE-2023-4550
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote attacker to...
OpenText AppBuilder information disclosure | CVE-2023-4552
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
OpenText AppBuilder command execution | CVE-2023-4551
NAME__________OpenText AppBuilder command executionPlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
OpenText AppBuilder information disclosure | CVE-2023-4554
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:4.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
60IndexPage server-side request forgery | CVE-2024-0945
NAME__________60IndexPage server-side request forgeryPlatforms Affected:60IndexPage 60IndexPage 1.8.5 60IndexPage 60IndexPage 1.8.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________60IndexPage is vulnerable to server-side request forgery, caused...
eReserv cross-site scripting | CVE-2024-1026
NAME__________eReserv cross-site scriptingPlatforms Affected:Cogites eReserv 7.7.58Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________eReserv is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
OpenText AppBuilder information disclosure | CVE-2023-4553
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote attacker to...
Tenda i6 buffer overflow | CVE-2024-0991
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
