Risolte vulnerabilità in prodotti VMware
(AL02/240522/CSIRT-ITA)
VMware ha rilasciato aggiornamenti di sicurezza per sanare 3 vulnerabilità, di cui 2 con gravità “alta”, nei prodotti VMware ESXi, Workstation, Fusion e vCenter Server.
by CSIRT - https://r.zerozone.it/post/T4xyKnzjG1GrxhU5F
(AL02/240522/CSIRT-ITA)
VMware ha rilasciato aggiornamenti di sicurezza per sanare 3 vulnerabilità, di cui 2 con gravità “alta”, nei prodotti VMware ESXi, Workstation, Fusion e vCenter Server.
by CSIRT - https://r.zerozone.it/post/T4xyKnzjG1GrxhU5F
Zabbix 后台延时注入(CVE-2024-22120)
Zabbix 后台延时注入(CVE-2024-22120)
by SeeBug - https://r.zerozone.it/post/rV7wxqBsuQKRM46tQ
Zabbix 后台延时注入(CVE-2024-22120)
by SeeBug - https://r.zerozone.it/post/rV7wxqBsuQKRM46tQ
www.seebug.org
Zabbix 后台延时注入(CVE-2024-22120) - Knownsec Seebug Vulnerability Platform
Introduction:Zabbix 后台延时注入(CVE-2024-22120)
Vulnerabilità in Veeam Backup Enterprise Manager
(AL04/230522/CSIRT-ITA)
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di 4 vulnerabilità, di cui una con gravità “critica”, nel prodotto Backup Enterprise Manager che potrebbe permettere ad un utente remoto la possibilità di ottenere privilegi elevati sui sistemi target.
by CSIRT - https://r.zerozone.it/post/36RsmJ2g2puX1mA0B
(AL04/230522/CSIRT-ITA)
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di 4 vulnerabilità, di cui una con gravità “critica”, nel prodotto Backup Enterprise Manager che potrebbe permettere ad un utente remoto la possibilità di ottenere privilegi elevati sui sistemi target.
by CSIRT - https://r.zerozone.it/post/36RsmJ2g2puX1mA0B
PoC pubblico per lo sfruttamento della CVE-2024-4323
(AL05/240522/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4323 – già sanata dal vendor – presente in Fluent Bit, processore e forwarder di log.
by CSIRT - https://r.zerozone.it/post/EPBrTgR6VGKK0XW8T
(AL05/240522/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4323 – già sanata dal vendor – presente in Fluent Bit, processore e forwarder di log.
by CSIRT - https://r.zerozone.it/post/EPBrTgR6VGKK0XW8T
🏴☠️ Play has just published a new victim : Ryder Scott Co.
United States
by Ransomware live - https://r.zerozone.it/post/9gH84Xe0H83k03rh4
United States
by Ransomware live - https://r.zerozone.it/post/9gH84Xe0H83k03rh4
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ 8base has just published a new victim : ALO diamonds
ALO diamonds, a Czech jewelry company since 1995, produces dazzling jewelry with diamonds and colorful gems of various collections and styles in one of the largest creative studios in central Europe. In the collections of ALO diamonds you can find engagement, wedding rings, chains, earrings and children's earrings, pendants, necklaces, [...]
by Ransomware live - https://r.zerozone.it/post/VrTWXRFBZTJV9CmXR
ALO diamonds, a Czech jewelry company since 1995, produces dazzling jewelry with diamonds and colorful gems of various collections and styles in one of the largest creative studios in central Europe. In the collections of ALO diamonds you can find engagement, wedding rings, chains, earrings and children's earrings, pendants, necklaces, [...]
by Ransomware live - https://r.zerozone.it/post/VrTWXRFBZTJV9CmXR
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Hunters has just published a new victim : Jess-link Products
Country : Taiwan - Exfiltraded data : yes - Encrypted data : yes
by Ransomware live - https://r.zerozone.it/post/eP995e4u9Pn06masG
Country : Taiwan - Exfiltraded data : yes - Encrypted data : yes
by Ransomware live - https://r.zerozone.it/post/eP995e4u9Pn06masG
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Blackbasta has just published a new victim : levian.com
Le Vian is a family-owned jewelry company with a long history, dating from the 15th century. As purveyors of fine jewelry, Le Vian had gained such a reputation that in 1746, Nadir Shah, one Persia’s most powerful rulers, chose them to safeguard the collection of jewels he had amassed — [...]
by Ransomware live - https://r.zerozone.it/post/YJ60Dkz6yUEv972BY
Le Vian is a family-owned jewelry company with a long history, dating from the 15th century. As purveyors of fine jewelry, Le Vian had gained such a reputation that in 1746, Nadir Shah, one Persia’s most powerful rulers, chose them to safeguard the collection of jewels he had amassed — [...]
by Ransomware live - https://r.zerozone.it/post/YJ60Dkz6yUEv972BY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Akira has just published a new victim : Newman Ferrara
Newman Ferrara maintains a multifaceted practice based in New Yor k City with attorneys specializing in complex commercial and mult i-party litigation, securities fraud and shareholder litigation, consumer protection, civil rights, and real estate. More than 45G B of data will be publicly available soon. Court processes, heari ngs [...]
by Ransomware live - https://r.zerozone.it/post/SwuCS2qz4xS015geY
Newman Ferrara maintains a multifaceted practice based in New Yor k City with attorneys specializing in complex commercial and mult i-party litigation, securities fraud and shareholder litigation, consumer protection, civil rights, and real estate. More than 45G B of data will be publicly available soon. Court processes, heari ngs [...]
by Ransomware live - https://r.zerozone.it/post/SwuCS2qz4xS015geY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Medusa has just published a new victim : Aztec Services Group
Aztec Services Group, Inc - the scope of the company is environmental remediation and demolition services. Aztec Services Group, Inc corporate office is located in 3814 William P Dooley Bypass, Cincinnati, OH 45223, USA. The total amount of data leakage is 398.38 GB
by Ransomware live - https://r.zerozone.it/post/q6gdB48wvYK28ekQq
Aztec Services Group, Inc - the scope of the company is environmental remediation and demolition services. Aztec Services Group, Inc corporate office is located in 3814 William P Dooley Bypass, Cincinnati, OH 45223, USA. The total amount of data leakage is 398.38 GB
by Ransomware live - https://r.zerozone.it/post/q6gdB48wvYK28ekQq
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Incransom has just published a new victim : Richland City Hall
The Richland Library continues to offer temporary digital library cards and will soon provide enhanced access to Ancestry.com. There are also future plans for drive-up or curbside capabilities.
by Ransomware live - https://r.zerozone.it/post/GyEb8ZWWEdGRA9ryY
The Richland Library continues to offer temporary digital library cards and will soon provide enhanced access to Ancestry.com. There are also future plans for drive-up or curbside capabilities.
by Ransomware live - https://r.zerozone.it/post/GyEb8ZWWEdGRA9ryY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Rhysida has just published a new victim : ICC
ICC ICC is a structured cabling solutions manufacturer of copper & fiber optic connectivity products for commercial & residential applications More
by Ransomware live - https://r.zerozone.it/post/xXGEubEQeBBMJDpn7
ICC ICC is a structured cabling solutions manufacturer of copper & fiber optic connectivity products for commercial & residential applications More
by Ransomware live - https://r.zerozone.it/post/xXGEubEQeBBMJDpn7
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Qilin has just published a new victim : Golden Acre
Golden Acre Garden Sentre. Calgary's garden centre since 1967 and still growing strong. With hundreds of thousands of square feet in retail space.Golden Acre carries a wide variety of Annuals, Perennials, Trees and Shrubs, Houseplants, Garden ...
by Ransomware live - https://r.zerozone.it/post/U4vtynekRng3vDs00
Golden Acre Garden Sentre. Calgary's garden centre since 1967 and still growing strong. With hundreds of thousands of square feet in retail space.Golden Acre carries a wide variety of Annuals, Perennials, Trees and Shrubs, Houseplants, Garden ...
by Ransomware live - https://r.zerozone.it/post/U4vtynekRng3vDs00
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
by SeeBug - https://r.zerozone.it/post/w66aCYV1P32nA3Hab
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
by SeeBug - https://r.zerozone.it/post/w66aCYV1P32nA3Hab
www.seebug.org
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956) - Knownsec Seebug Vulnerability Platform
Introduction:Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
🏴☠️ Cactus has just published a new victim : schuettemetals.com
Download link #1: https://***************.onion/SMI/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/SMI/PROOF/DATA DESCRIPTIONS: Financial documents, supplier agreements, contracts, NDAs, Personal identifying information, Engineering data, employee personal files, database exports, etc.
by Ransomware live - https://r.zerozone.it/post/XU6nbGvAf6374JV0r
Download link #1: https://***************.onion/SMI/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/SMI/PROOF/DATA DESCRIPTIONS: Financial documents, supplier agreements, contracts, NDAs, Personal identifying information, Engineering data, employee personal files, database exports, etc.
by Ransomware live - https://r.zerozone.it/post/XU6nbGvAf6374JV0r
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Blacksuit has just published a new victim : catiglass.com $100.000
by Ransomware live - https://r.zerozone.it/post/d8eX7qgNQ89KhDnQP
by Ransomware live - https://r.zerozone.it/post/d8eX7qgNQ89KhDnQP
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Lockbit3 has just published a new victim : londondrugs.com
London Drugs offers weekly flyer deals, Earth Month essentials, savings events and in-store events for various products. Shop online or in-store for pharmaceuticals, cosmetics, electronics, cameras, housewares and more. With endless revenue, greed...
by Ransomware live - https://r.zerozone.it/post/Dt0Wnu3wDvpsbHJ1K
London Drugs offers weekly flyer deals, Earth Month essentials, savings events and in-store events for various products. Shop online or in-store for pharmaceuticals, cosmetics, electronics, cameras, housewares and more. With endless revenue, greed...
by Ransomware live - https://r.zerozone.it/post/Dt0Wnu3wDvpsbHJ1K
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Bianlian has just published a new victim : Critchfield & Johnston
Critchfield, Critchfield & Johnston, Ltd. is a company specializes in law services. It offers services in the areas of corporate & business, employment of labor, litigation, oil & gas, real estate, etc.
by Ransomware live - https://r.zerozone.it/post/pUBTf0eUWwF5vRAW7
Critchfield, Critchfield & Johnston, Ltd. is a company specializes in law services. It offers services in the areas of corporate & business, employment of labor, litigation, oil & gas, real estate, etc.
by Ransomware live - https://r.zerozone.it/post/pUBTf0eUWwF5vRAW7
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
Vulnerabilità presenti in prodotti NAS QNAP
(AL02/240523/CSIRT-ITA)
Aggiornamenti di sicurezza QNAP risolvono alcune vulnerabilità, di cui 2 con gravità “alta” nei prodotti QTS e QuTS hero.
by CSIRT - https://r.zerozone.it/post/y8zjBgYm3fsGtXg4P
(AL02/240523/CSIRT-ITA)
Aggiornamenti di sicurezza QNAP risolvono alcune vulnerabilità, di cui 2 con gravità “alta” nei prodotti QTS e QuTS hero.
by CSIRT - https://r.zerozone.it/post/y8zjBgYm3fsGtXg4P
Sanate vulnerabilità su GitLab CE/EE
(AL01/240523/CSIRT-ITA)
Rilasciati aggiornamenti di sicurezza che risolvono 7 vulnerabilità, di cui una con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE).
by CSIRT - https://r.zerozone.it/post/Gs7Tk4EmzAcCeRxnQ
(AL01/240523/CSIRT-ITA)
Rilasciati aggiornamenti di sicurezza che risolvono 7 vulnerabilità, di cui una con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE).
by CSIRT - https://r.zerozone.it/post/Gs7Tk4EmzAcCeRxnQ
Atlassian: PoC pubblico per lo sfruttamento della CVE-2024-21683
(AL03/240523/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-21683 – già sanata dal vendor – presente in Atlassian Confluence Data Center and Server. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’esecuzione di codice da remoto sui dispositivi interessati.
by CSIRT - https://r.zerozone.it/post/JrBrEmnBweuzCnAb9
(AL03/240523/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-21683 – già sanata dal vendor – presente in Atlassian Confluence Data Center and Server. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’esecuzione di codice da remoto sui dispositivi interessati.
by CSIRT - https://r.zerozone.it/post/JrBrEmnBweuzCnAb9