Daily Threat Intelligence – April 25 – 2023
The notorious Lazarus group has formulated a new malware family to threaten macOS users. The attackers have been discovered utilizing...
HackerOne Bug Bounty Disclosure: missing-brute-force-protection-for-passwords-of-password-protected-share-linksbyhackit_bharat
Programme HackerOne Nextcloud Nextcloud Submitted by hackit_bharat hackit_bharat Report Missing brute force protection for passwords of password protected share links...
HackerOne Bug Bounty Disclosure: delete-any-user’s-added-email,telephone,fax,address,skype-via-csrf-in-(https://academy-acronis-com/)byimranhudaa
Programme HackerOne Acronis Acronis Submitted by imranhudaa imranhudaa Report Delete any user's added Email,Telephone,Fax,Address,Skype via csrf in (https://academy.acronis.com/) Full Report...
HackerOne Bug Bounty Disclosure: the-`io-kubernetes-client-util-generic-dynamic-dynamics`-contains-a-code-execution-vulnerability-due-to-snakeyamlbyjlleitschuh
Programme HackerOne Kubernetes Kubernetes Submitted by jlleitschuh jlleitschuh Report The `io.kubernetes.client.util.generic.dynamic.Dynamics` contains a code execution vulnerability due to SnakeYAML Full...
HackerOne Bug Bounty Disclosure: file-read-vulnerability-allows-attackers-to-compromise-s3-buckets-using-prowbystealthy
Programme HackerOne Kubernetes Kubernetes Submitted by stealthy stealthy Report File Read Vulnerability allows Attackers to Compromise S3 buckets using Prow...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor
An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to...
New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks
Details have emerged about a high-severity security vulnerability impacting Service Location Protocol (SLP) that could be weaponized to launch volumetric...
Posh C2 Detected – 159[.]69[.]180[.]8:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "...
Modernizing Vulnerability Management: The Move Toward Exposure Management
Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present...
Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative...
LockBit 3.0 Ransomware Victim: nagase[.]co[.]jp
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ultimateimageprinting[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: abro[.]se
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: goforcloud[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gruponutresa[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Piwigo SQL injection | CVE-2023-26876
NAME__________Piwigo SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Piwigo is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements...
NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of service | CVE-2023-0204
NAME__________NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of servicePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA ConnectX-5 and ConnectX6-DX adapters is vulnerable to...
Repetier Server directory traversal | CVE-2023-31059
NAME__________Repetier Server directory traversalPlatforms Affected:Repetier Server Repetier Server 1.4.10Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Repetier Server could allow a remote attacker to traverse...
NVIDIA DGX-1 code execution | CVE-2023-25507
NAME__________NVIDIA DGX-1 code executionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-1 BMC could allow a remote authenticated attacker to execute arbitrary code...
NVIDIA DGX A100 code execution | CVE-2023-0202
NAME__________NVIDIA DGX A100 code executionPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 could allow a local authenticated attacker to execute arbitrary...
Progress Flowmon OS directory traversal | CVE-2023-26101
NAME__________Progress Flowmon OS directory traversalPlatforms Affected:Progress Flowmon OS 12.1.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Progress Flowmon OS could allow a remote attacker to...
Progress Flowmon OS cross-site scripting | CVE-2023-26100
NAME__________Progress Flowmon OS cross-site scriptingPlatforms Affected:Progress Flowmon OS 12.1.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Progress Flowmon OS is vulnerable to cross-site scripting, caused...
