Terravision – 2,075,625 breached accounts
HIBP In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records...
CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities
CISA and Partners Release Cybersecurity Best Practices for Smart Cities Today, CISA, NSA, FBI, NCSC-UK(link is external), ACSC(link is external),...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – djvu – d40e6770732b567015fd74c4ad7ab22b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: d40e6770732b567015fd74c4ad7ab22bSHA1: 112d0a3a264ccb52d809cb8c3359733221fc1d1bANALYSIS DATE: 2023-04-23T16:11:01ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – ransomware – e0c0eb3003d60d0f9b138b99386f3ac5
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e0c0eb3003d60d0f9b138b99386f3ac5SHA1: 490055d08a5e685a9273ccdc21562d6e61f085ceANALYSIS DATE: 2023-04-23T15:53:28ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – a138167f24490e16fc61019313b21fe9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: a138167f24490e16fc61019313b21fe9SHA1: 09083bb5f45cc3e4109d48980b01eb8ce97aad85ANALYSIS DATE: 2023-04-23T16:50:27ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – persistence – c9c341eaf04c89933ed28cbc2739d325
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: c9c341eaf04c89933ed28cbc2739d325SHA1: c5b7d47aef3bd33a24293138fcba3a5ff286c2a8ANALYSIS DATE: 2023-04-23T16:55:28ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – infinitylock – b805db8f6a84475ef76b795b0d1ed6ae
Score: 10 MALWARE FAMILY: infinitylockTAGS:family:infinitylock, ransomwareMD5: b805db8f6a84475ef76b795b0d1ed6aeSHA1: 7711cb4873e58b7adcf2a2b047b090e78d10c75bANALYSIS DATE: 2023-04-23T16:45:30ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – amadey – 385f0863a2078a48cc981c21ca894af4
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, ransomware, trojanMD5: 385f0863a2078a48cc981c21ca894af4SHA1: 1efec0751c7e72261acd3885bb1909ea1bfbf790ANALYSIS DATE: 2023-04-23T16:33:20ZTTPS: T1082, T1222, T1012, T1120,...
HackerOne Bug Bounty Disclosure: reflected-xss-in-[www-equifax-com]byabdoj
Programme HackerOne Equifax-vdp Equifax-vdp Submitted by abdoj abdoj Report reflected XSS in Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: reflected-xss-in-[www-equifax-com]byabdoj
Programme HackerOne Equifax-vdp Equifax-vdp Submitted by abdoj abdoj Report reflected XSS in Full Report A considerable amount of time...
Brute Ratel C4 Detected – 52[.]68[.]31[.]77:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Discourse denial of service | CVE-2023-28440
NAME__________Discourse denial of servicePlatforms Affected:Discourse Discourse 3.1.0.beta3 Discourse Discourse 3.0.2Risk Level:2.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of...
Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21938
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 20.3.8 Oracle GraalVM Enterprise Edition 21.3.4 Oracle GraalVM...
Discourse HTML injection | CVE-2023-29196
NAME__________Discourse HTML injectionPlatforms Affected:Discourse Discourse 3.1.0.beta3 Discourse Discourse 3.0.2Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Discourse is vulnerable to HTML injection. A remote authenticated...
