LockBit 3.0 Ransomware Victim: spoormaker[.]co[.]za
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
silverstripe/graphql denial of service | CVE-2023-28104
NAME__________silverstripe/graphql denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________silverstripe/graphql is vulnerable to a denial of service, caused by a flaw...
Contec CONPROSYS IoT Gateway products information disclosure | CVE-2023-23575
NAME__________Contec CONPROSYS IoT Gateway products information disclosurePlatforms Affected:Contec M2M Gateway 3.7.10 Contec M2M Controller Integrated Type 3.7.6 Contec M2M Controller...
Contec CONPROSYS IoT Gateway products code execution | CVE-2023-27389
NAME__________Contec CONPROSYS IoT Gateway products code executionPlatforms Affected:Contec M2M Gateway 3.7.10 Contec M2M Controller Integrated Type 3.7.6 Contec M2M Controller...
Emotet malware now distributed in Microsoft OneNote files to evade defenses
The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more...
Malware Analysis – evasion – 71515b54f8c857828314eac86d900e44
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 71515b54f8c857828314eac86d900e44SHA1: 2aebbcd2f22169737773c02e3b39d46d9eef1335ANALYSIS DATE: 2023-03-18T18:34:46ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – banker – 1a652905b726faeefc531904b2316102
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 1a652905b726faeefc531904b2316102SHA1: 6d8773ac17b703ee2e266681a7ee9f432232bd0cANALYSIS DATE: 2023-03-18T18:19:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 4a840c4933e0b53e8176d9c6d4d5cf03
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 4a840c4933e0b53e8176d9c6d4d5cf03SHA1: 1c4f48707754c66a3b7253d1d800c12be559d7acANALYSIS DATE: 2023-03-18T18:48:04ZTTPS: T1130, T1112, T1222, T1005,...
Malware Analysis – banker – a5dd75a7cc6640fe1be9323929dd5d00
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: a5dd75a7cc6640fe1be9323929dd5d00SHA1: cc84b198042a7b6dee0448bfe92ca01f44815fe5ANALYSIS DATE: 2023-03-18T18:08:26ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 1830f8b1c1f66b27314673f8a42fdd57
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 1830f8b1c1f66b27314673f8a42fdd57SHA1: cfab9bce032baf7292c23f1c928898d151d2f03eANALYSIS DATE: 2023-03-18T18:51:05ZTTPS: T1130, T1112, T1053, T1012,...
Malware Analysis – djvu – 83c2df30653a05c396fe3ec54d40c136
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 83c2df30653a05c396fe3ec54d40c136SHA1: d011e9ddb6dd044cab5aee2630b5904e72b87c04ANALYSIS DATE: 2023-03-18T18:50:03ZTTPS: T1005, T1081, T1130, T1112,...
Malware Analysis – smokeloader – e6652c1511ede9dfebfb0df34f969b45
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e6652c1511ede9dfebfb0df34f969b45SHA1: 9afcff5870833214744feba664de65a14d824bc6ANALYSIS DATE: 2023-03-18T18:49:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 778d2e97d2a7cc562fa58a9513eefdeb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 778d2e97d2a7cc562fa58a9513eefdebSHA1: 17fa33d8f906c419e727a8f897006a935b4ed2d8ANALYSIS DATE: 2023-03-18T18:53:05ZTTPS: T1005, T1081, T1012, T1082,...
HackerOne Bug Bounty Disclosure: rce-vulnerability-in-apache-airflow-providers-apache-sqoop-3-1-0byleixiao
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by leixiao leixiao Report RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0 Full Report...
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a...
Mattermost cross-site scripting | CVE-2023-1421
NAME__________Mattermost cross-site scriptingPlatforms Affected:Mattermost MattermostRisk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Mattermost is vulnerable to cross-site scripting, caused by improper validation of user-supplied input...
Rack denial of service | CVE-2023-27539
NAME__________Rack denial of servicePlatforms Affected:Rack Rack 2.2.6.3 Rack Rack 3.0.6Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Rack is vulnerable to a denial of...
OpenSSH weak security | CVE-2023-28531
NAME__________OpenSSH weak securityPlatforms Affected:OpenSSH OpenSSH 9.2Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenSSH could provide weaker than expected security, caused by a logic error...
Simple Art Gallery adminHome.php SQL injection | CVE-2023-1416
NAME__________Simple Art Gallery adminHome.php SQL injectionPlatforms Affected:Simple Art Gallery Simple Art Gallery 1.0Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Simple Art Gallery is vulnerable...
RubyGems activesupport gem cross-site scripting | CVE-2023-28120
NAME__________RubyGems activesupport gem cross-site scriptingPlatforms Affected:RubyGems activesupport 6.1.7.2 RubyGems activesupport 7.0.4.2Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________RubyGems activesupport gem is vulnerable to cross-site...
D-Link DIR820LA1 denial of service | CVE-2023-25281
NAME__________D-Link DIR820LA1 denial of servicePlatforms Affected:D-Link DIR820LA1 FW105B03Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________D-Link DIR820LA1 is vulnerable to a denial of service,...
Simple Art Gallery adminHome.php file upload | CVE-2023-1415
NAME__________Simple Art Gallery adminHome.php file uploadPlatforms Affected:Simple Art Gallery Simple Art Gallery 1.0Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Simple Art Gallery could allow...
Kirin Fortress Machine SQL injection | CVE-2023-26784
NAME__________Kirin Fortress Machine SQL injectionPlatforms Affected:Kirin Fortress Machine 1.7-2020-0610Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Kirin Fortress Machine is vulnerable to SQL injection. A...
Talent Software UNIS cross-site scripting | CVE-2023-0322
NAME__________Talent Software UNIS cross-site scriptingPlatforms Affected:Talent Software UNISRisk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Talent Software UNIS is vulnerable to cross-site scripting, caused by...
