LockBit 2.0 Ransomware Victim: COFRAP ESPAÑOLA SA
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion...
Invoke-EDRChecker – Checks Running Processes, Process Metadata, Dlls Loaded Into Your Current Process And The Each DLLs Metadata, Common Install Directories, Installed Services, The Registry And Running Drivers For The Presence Of Known Defensive Products Such As AV’s, EDR’s And Logging Tools
The script will check running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common...
Securitas breached, 3TB of airport employee records exposed
An unsecured AWS server, found open to the public Internet, is the root cause of a huge compromise of data...
A week in security (January 31 – February 6)
Last week on Malwarebytes Labs: Threat actor steals email with Zimbra zero-dayFBI warns of bogus job postings on recruitment sitesInvestment...
Cobalt Stike Beacon Detected – 8[.]141[.]51[.]8:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]56[.]98[.]161:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]227[.]255[.]187:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 108[.]136[.]88[.]61:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 188[.]93[.]233[.]171:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Mastodon privilege escalation | CVE-2022-24307
NAME Mastodon privilege escalation Platforms Affected:Mastodon Mastodon 3.3.1 Mastodon Mastodon 3.4.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Mastodon could allow a remote attacker...
Airspan Networks Mimosa product line code execution | CVE-2022-21196
NAME Airspan Networks Mimosa product line code execution Platforms Affected:Airspan Networks MMP 1.0.2 Airspan Networks PTP 2.8.6.0 Airspan Networks PTMP...
Insyde InsydeH2O buffer overflow | US-CERT VU#796611
NAME Insyde InsydeH2O buffer overflow Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Insyde InsydeH2O...
Capsule8 Console SQL injection | CVE-2022-0366
NAME Capsule8 Console SQL injection Platforms Affected:Capsule8 Console 4.6.0 Capsule8 Console 4.9.1Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Capsule8 Console is vulnerable to...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
TensorFlow denial of service | CVE-2022-21728
NAME TensorFlow denial of service Platforms Affected:TensorFlow TensorFlow 1.3.0 TensorFlow TensorFlow 1.3.1 TensorFlow TensorFlow 1.4.0 TensorFlow TensorFlow 1.4.1 TensorFlow TensorFlow...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
PostgreSQL JDBC Driver (PgJDBC) code execution | CVE-2022-21724
NAME PostgreSQL JDBC Driver (PgJDBC) code execution Platforms Affected:PgJDBC PgJDBC 42.2.24 PgJDBC PgJDBC 42.3.1Risk Level:8.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION PostgreSQL JDBC Driver...
Servisnet Tessa information disclosure | CVE-2022-22833
NAME Servisnet Tessa information disclosure Platforms Affected:Servisnet TessaRisk Level:9.8Exploitability:FunctionalConsequences:Obtain Information DESCRIPTION Servisnet Tessa could allow a remote attacker to obtain...
Airspan Networks Mimosa product line server-side request forgery | CVE-2022-21215
NAME Airspan Networks Mimosa product line server-side request forgery Platforms Affected:Airspan Networks MMP 1.0.2 Airspan Networks PTP 2.8.6.0 Airspan Networks...
TensorFlow denial of service | CVE-2022-21726
NAME TensorFlow denial of service Platforms Affected:TensorFlow TensorFlow 1.3.0 TensorFlow TensorFlow 1.3.1 TensorFlow TensorFlow 1.4.0 TensorFlow TensorFlow 1.4.1 TensorFlow TensorFlow...
Insyde InsydeH2O code execution | US-CERT VU#796611
NAME Insyde InsydeH2O code execution Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
Servisnet Tessa security bypass | CVE-2022-22831
NAME Servisnet Tessa security bypass Platforms Affected:Servisnet TessaRisk Level:9.8Exploitability:FunctionalConsequences:Bypass Security DESCRIPTION Servisnet Tessa could allow a remote attacker to bypass...
IP2Location Country Blocker plugin for WordPress Frontend Settings cross-site scripting |
NAME IP2Location Country Blocker plugin for WordPress Frontend Settings cross-site scripting Platforms Affected:WordPress IP2Location Country Blocker plugin for WordPress 2.26.7Risk...
