Black Basta Ransomware Victim: LYDECKER
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 47[.]97[.]70[.]163:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]234[.]72[.]26:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]75[.]93[.]75:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]155[.]39[.]230:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]142[.]214[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]144[.]191[.]172:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]178[.]36[.]137:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]103[.]189[.]229:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 27[.]102[.]118[.]76:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]63[.]252[.]248:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]198[.]195:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch...
VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution | CVE-2022-31658
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation code execution Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
Node.js ctv-appletv3-router module code execution |
NAME Node.js ctv-appletv3-router module code execution Platforms Affected:Node.js ctv-appletv3-routerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ctv-appletv3-router module could allow a remote attacker...
Quest KACE Systems Management Appliance (SMA) security bypass | CVE-2022-30285
NAME Quest KACE Systems Management Appliance (SMA) security bypass Platforms Affected:Quest KACE Systems Management Appliance 12.0Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Quest...
D-Link DIR820LA1 devices buffer overflow | CVE-2022-34973
NAME D-Link DIR820LA1 devices buffer overflow Platforms Affected:D-Link DIR820LA1 FW106B02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR820LA1 devices are vulnerable to a...
Node.js chawla-init-3 module code execution |
NAME Node.js chawla-init-3 module code execution Platforms Affected:Node.js chawla-init-3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js chawla-init-3 module could allow a remote attacker...
BookWyrm brute force | CVE-2022-35925
NAME BookWyrm brute force Platforms Affected:BookWyrm BookWyrm 0.4.4Risk Level:9.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION BookWyrm is vulnerable to a brute force attack, caused...
Mealie cross-site scripting | CVE-2022-34619
NAME Mealie cross-site scripting Platforms Affected:Mealie Mealie 0.5.5Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Mealie is vulnerable to cross-site scripting, caused by improper...
Node.js @employee-experience/common module code execution |
NAME Node.js @employee-experience/common module code execution Platforms Affected:Node.js @employee-experience/commonRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @employee-experience/common module could allow a remote attacker...
OMICard EDM SQL injection | CVE-2022-32964
NAME OMICard EDM SQL injection Platforms Affected:Peisheng Information OMICard EDM 5.8 Peisheng Information OMICard EDM 5.9 Peisheng Information OMICard EDM...
VMware Workspace ONE Access, Identity Manager and vRealize Automation security bypass | CVE-2022-31656
NAME VMware Workspace ONE Access, Identity Manager and vRealize Automation security bypass Platforms Affected:VMware vRealize Automation 7.6 VMware Workspace ONE...
D-Link DIR810LA1 devices command execution | CVE-2022-34974
NAME D-Link DIR810LA1 devices command execution Platforms Affected:D-Link DIR810LA1 FW102B22Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR810LA1 devices could allow a remote...
