Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that...
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
MetaStealer is a popular piece of malware that came out in 2022, leveraging previous code base from RedLine. Stealers have...
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
NAME: Siemens SCALANCE M-800/S615 Family command execution | Platforms Affected: Siemens SCALANCE M800/S615 Siemens RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) Siemens RUGGEDCOM RM1224 LTE(4G)...
NAME: IBM AIX denial of service | Platforms Affected: IBM AIX 7.2 IBM VIOS 3.1 IBM AIX 7.3 | Risk Level: 6.2 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: IBM AIX 7.2,...
NAME: Siemens SIMATIC CP, SINAMICS, SIPLUS NET CP denial of service | Platforms Affected: Siemens SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) Siemens SIMATIC CP...
NAME: libssh denial of service | Platforms Affected: Libssh Libssh 0.9.7 libssh libssh 0.10.5 | Risk Level: 3.7 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: libssh is vulnerable to a denial of...
NAME: Gallagher Controller 7000 and Controller 7000 Single Door Controller security bypass | Platforms Affected: Gallagher Controller 7000 8.70 Gallagher Controller 7000 8.80 Gallagher...
NAME: OpenSSH command execution | Platforms Affected: OpenSSH OpenSSH 9.5 | Risk Level: 5.3 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary commands on the...
NAME: Keycloak open redirect | Platforms Affected: Keycloak Keycloak | Risk Level: 4.6 | Exploitability: Unproven | Consequences: Other | DESCRIPTION: Keycloak could allow a remote authenticated attacker to conduct phishing attacks, caused by an...
NAME: OpenSSH information disclosure | Platforms Affected: OpenSSH OpenSSH 9.5 | Risk Level: 4.4 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: OpenSSH could allow a local authenticated attacker to obtain sensitive information, caused...
NAME: Apache Superset privilege escalation | Platforms Affected: Apache Superset 2.1.2 Apache Superset 3.0.0 | Risk Level: 7.7 | Exploitability: Unproven | Consequences: Gain Privileges | DESCRIPTION: Apache Superset could allow a remote authenticated attacker...
NAME: TP-Link TL-WR902AC devices buffer overflow | Platforms Affected: TP-Link TL-WR902AC | Risk Level: 6.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: TP-Link TL-WR902AC is vulnerable to a stack-based buffer overflow, caused by...
NAME: EFACEC UC 500E information disclosure | Platforms Affected: EFACEC UC 500E 10.1.0 | Risk Level: 5.3 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: EFACEC UC 500E could allow a remote attacker to...
NAME: TP-Link TL-WR841N devices information disclosure | Platforms Affected: TP-Link TL-WR841N | Risk Level: 6.5 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: TP-Link TL-WR841N devices could allow a remote attacker to obtain sensitive...
NAME: Apache Guacamole integer overflow | Platforms Affected: Apache Guacamole 1.5.3 | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Apache Guacamole could allow a remote authenticated attacker to execute arbitrary...
NAME: IBM QRadar SIEM information disclosure | Platforms Affected: IBM QRadar SIEM 7.5 | Risk Level: 4.4 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: IBM QRadar SIEM 7.5 could allow a privileged user...