US-CERT Vulnerability Summary for the Week of April 17, 2023
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
InfoSec News & Tutorials
Black Basta Ransomware NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers…
LockBit 3.0 Ransomware
NAME: IBM Java information disclosure. Platforms Affected: IBM WebSphere Application Server 8.5; IBM WebSphere Application Server 9.0; IBM InfoSphere Information Server 11.7; IBM WebSphere Application Server Liberty; IBM z/Transaction Processing Facility 1.1; IBM…
NAME: Service Location Protocol (SLP, RFC 2608) denial of service. Platforms Affected: Risk Level: 6.8. Exploitability: Unproven. Consequences: Denial of Service. DESCRIPTION: Service Location Protocol (SLP, RFC 2608) is vulnerable to a denial of service, caused by improper service…
NAME: IBM DB2 for Linux, UNIX and Windows denial of service. Platforms Affected: IBM DB2 for Linux UNIX and Windows 10.5; IBM DB2 for Linux UNIX and Windows 11.1; IBM DB2 for Linux…
Daily Vulnerability Trends (sourced from VulnMon), by CVE name and description. CVE-2023-21707: Microsoft Exchange Server Remote Code Execution Vulnerability. CVE-2019-5736: runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite…
KARAKURT RANSOMWARE
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. Malicious activity and tools echoing FIN7 attacks have been…
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core: Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit…
CISA Releases Two SBOM Documents: Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM documents and Minimum Requirements for Vulnerability Exploitability eXchange (VEX). The Types…
VMware Releases Security Update for Aria Operations for Logs: VMware has released a security update to address multiple vulnerabilities in Aria Operations for Logs (formerly vRealize Log Insight). A cyber…
Oracle Releases Security Updates: Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for April 2023 to address vulnerabilities affecting multiple products. A remote…
Cisco Releases Security Advisories for Multiple Products: Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling Labs, StarOS Software, and BroadbandWorks Network Server. A remote attacker…
CISA Requests for Comment on Secure Software Self-Attestation Form: CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and…
CISA Releases One Industrial Control Systems Medical Advisory: CISA released one Industrial Control Systems (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security…
CISA Releases Two Industrial Control Systems Advisories: CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These advisories provide timely information about current security issues, vulnerabilities, and…