Month: June 2023

Wi-Fi AP UNIT information disclosure | CVE-2023-31196

June 10, 2023

NAME__________Wi-Fi AP UNIT information disclosurePlatforms Affected:Inaba Denki Sangyo AC-WAPU-300 1.00_B07 Inaba Denki Sangyo AC-WAPU-300-P 1.00_B08P Inaba Denki Sangyo AC-WAPUM-300 1.00_B07...

ASUS RT-AX3000 information disclosure | CVE-2023-31195

June 10, 2023

NAME__________ASUS RT-AX3000 information disclosurePlatforms Affected:ASUS RT-AX3000 3.0.0.4.384_10177 ASUS RT-AX3000 3.0.0.4Risk Level:3.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________ASUS RT-AX3000 could allow a remote attacker...

Thruk directory traversal | CVE-2023-34096

June 10, 2023

NAME__________Thruk directory traversalPlatforms Affected:Thruk Thruk 3.06Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Thruk could allow a remote authenticated attacker to traverse directories on the...

Ashlar-Vellum Cobalt code execution | CVE-2023-34293

June 10, 2023

NAME__________Ashlar-Vellum Cobalt code executionPlatforms Affected:Ashlar-Vellum Cobalt 12.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ashlar-Vellum Cobalt could allow a remote attacker to execute arbitrary code...

Progress DataDirect Connect for ODBC information disclosure | CVE-2023-34363

June 10, 2023

NAME__________Progress DataDirect Connect for ODBC information disclosurePlatforms Affected:Progress DataDirect Connect for ODBC 08.02Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Progress DataDirect Connect for ODBC...

Trend Micro Apex One privilege escalation | CVE-2023-34147

June 10, 2023

NAME__________Trend Micro Apex One privilege escalationPlatforms Affected:Trend Micro Apex One as a Service Trend Micro Apex One On Premise (2019)Risk...

Fuji Electric V-Server code execution | CVE-2023-32270

June 10, 2023

NAME__________Fuji Electric V-Server code executionPlatforms Affected:Fuji Electric V-Server 4.0.15.0 Fuji Electric V-Server Lite 4.0.15.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fuji Electric V-Server could...

Snowflake Go Snowflake Driver command execution | CVE-2023-34231

June 10, 2023

NAME__________Snowflake Go Snowflake Driver command executionPlatforms Affected:Snowflake Computing Go Snowflake Driver 1.6.18Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Snowflake Go Snowflake Driver could allow...

Month: June 2023

Wi-Fi AP UNIT information disclosure | CVE-2023-31196

ASUS RT-AX3000 information disclosure | CVE-2023-31195

Thruk directory traversal | CVE-2023-34096

Ashlar-Vellum Cobalt code execution | CVE-2023-34293

Progress DataDirect Connect for ODBC information disclosure | CVE-2023-34363

Trend Micro Apex One privilege escalation | CVE-2023-34147

Fuji Electric V-Server code execution | CVE-2023-32270

Snowflake Go Snowflake Driver command execution | CVE-2023-34231

Fuji Electric V-Server buffer overflow | CVE-2023-32538

BianLian Ransomware Victim: Aeliusmd Medical Systems

BlackCat ransomware fails to extort Australian commercial law giant

University of Manchester says hackers ‘likely’ stole data in cyberattack

The Week in Ransomware – June 9th 2023 – It’s Clop… Again!

Ukrainian hackers take down service provider for Russian banks

Russians charged with hacking Mt. Gox crypto exchange, running BTC-e

New MOVEit Transfer critical flaws found after security audit, patch now

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: Progress Software Releases Security Advisory for MOVEit Transfer

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA and Partners Release Joint Guide to Securing Remote Access Software

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability

CISA: VMware Releases Security Update for Aria Operations for Networks

[AKIRA] – Ransomware Victim: Elliott Tax Service

[RHYSIDA] – Ransomware Victim: Automated Logistics Systems

[AKIRA] – Ransomware Victim: Benda Grace Stulz

[AKIRA] – Ransomware Victim: Palacios Marine & Industrial

[AKIRA] – Ransomware Victim: General Micro Systems

You may have missed