US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Gato – GitHub Self-Hosted Runner Enumeration And Attack Tool
Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners...
Malware Analysis – banker – 1fd1f86a3032c69587ab152daad57589
Score: 9 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 1fd1f86a3032c69587ab152daad57589SHA1: 1e6e7c779f661f5a4cef2ad09c19507a1ef7928dANALYSIS DATE: 2023-06-25T17:13:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – e62724f27f21db9b5673ff3604bfe6e6
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e62724f27f21db9b5673ff3604bfe6e6SHA1: 7d55e8191afe080143d44566c293aef3fee97360ANALYSIS DATE: 2023-06-25T17:25:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Medusa Locker Ransomware Victim: Real Estate Systems Integrator
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Universitas Matthiae Belii association
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cobalt Stike Beacon Detected – 124[.]223[.]34[.]106:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]190[.]212[.]94:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]155[.]144[.]97:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]41[.]59[.]3:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]199[.]181[.]68:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 95[.]214[.]27[.]59:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]113[.]231[.]140:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Moodle server-side request forgery | CVE-2023-35133
NAME__________Moodle server-side request forgeryPlatforms Affected:Moodle Moodle 3.9 Moodle Moodle 3.11 Moodle Moodle 4.0 Moodle Moodle 4.1 Moodle Moodle 3.11.14 Moodle...
Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance cross-site scripting | CVE-2023-20120
NAME__________Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance cross-site scriptingPlatforms Affected:Cisco Secure Email...
Flask-AppBuilder information disclosure | CVE-2023-34110
NAME__________Flask-AppBuilder information disclosurePlatforms Affected:Flask-AppBuilder Flask-AppBuilder 4.3.1Risk Level:2.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Flask-AppBuilder could allow a remote authenticated attacker to obtain sensitive information, caused...
Silicon Labs Z/IP Gateway buffer overflow | CVE-2023-0970
NAME__________Silicon Labs Z/IP Gateway buffer overflowPlatforms Affected:Silicon Labs Z/IP Gateway 7.18.01Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Silicon Labs Z/IP Gateway is vulnerable to...
Fortra Globalscape EFT information disclosure | CVE-2023-2991
NAME__________Fortra Globalscape EFT information disclosurePlatforms Affected:Fortra Globalscape EFT 8.1.0.14Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortra Globalscape EFT could allow a remote attacker to...
Fortra Globalscape EFT denial of service | CVE-2023-2990
NAME__________Fortra Globalscape EFT denial of servicePlatforms Affected:Fortra Globalscape EFT 8.1.0.14Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Fortra Globalscape EFT is vulnerable to a...
Silicon Labs Z/IP Gateway information disclosure | CVE-2023-0969
NAME__________Silicon Labs Z/IP Gateway information disclosurePlatforms Affected:Silicon Labs Z/IP Gateway 7.18.01Risk Level:3.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Silicon Labs Z/IP Gateway could allow a...
Moodle cross-site scripting | CVE-2023-35131
NAME__________Moodle cross-site scriptingPlatforms Affected:Moodle Moodle 3.11 Moodle Moodle 4.0 Moodle Moodle 4.1 Moodle Moodle 3.11.14 Moodle Moodle 4.0.8 Moodle Moodle...
Moodle SQL injection | CVE-2023-35132
NAME__________Moodle SQL injectionPlatforms Affected:Moodle Moodle 3.9 Moodle Moodle 3.11 Moodle Moodle 4.0 Moodle Moodle 4.1 Moodle Moodle 3.11.14 Moodle Moodle...
NOESCAPE Ransomware Victim: Promotion Fulfillment Center
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
NOESCAPE Ransomware Victim: Credit Team
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
