Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities wer...

Exploit for CVE-2022-30190

...

Important Photon OS Security Update - PHSA-2022-3.0-0488

Updates of 'linux-rt', 'linux', 'powershell', 'linux-secure', 'linux-esx', 'linux-aws' packages of Photon OS have been released...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45183

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

Directory traversal

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

Privilege escalation

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

Ironman Software PowerShell Universal 路径遍历漏洞

Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal that stems from a web server that allows directory traversal outside of the...

CVE-2022-45184

The CVE-2022-45184 entry concerns Ironman Software PowerShell Universal Web Server under v3.x/v2.x where a directory-traversal flaw in the web server endpoints allows a remote attacker with administrator privileges to create, delete, update, and display files outside the configuration directory v...

Ironman Software PowerShell Universal 安全漏洞

Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal, which stems from a privilege escalation on a web server, that allows an attacker wi...

CVE-2022-45183

The CVE-2022-45183 vulnerability affects Ironman Software PowerShell Universal 2.x and 3.x Web Server and enables privilege escalation: an attacker possessing a valid app token can retrieve other app tokens by ID via an HTTP request. The issue is rated high (CVSS v3.1 base score 8.8) with network...

Important Photon OS Security Update - PHSA-2022-0279

Updates of 'strongswan', 'powershell', 'pixman' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-4.0-0279

Updates of 'strongswan', 'sudo', 'powershell', 'pixman' packages of Photon OS have been released...

Reverse Lookup IP Addresses

This module reverse resolves an IP address or IP address range to hostnames. Module Options msf use post/multi/recon/reverselookup msf postreverselookup show actions ...actions... msf postreverselookup set ACTION msf postreverselookup show options ...show and set options... msf postreverselookup...

Patch Tuesday - November 2022

It’s a relatively light Patch Tuesday this month by the numbers – Microsoft has only published 67 new CVEs, most of which affect their flagship Windows operating system. However, four of these are zero-days, having been observed as exploited in the wild. The big news is that two older zero-day CV...

Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. "Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malicious Word document file, and the other using an executable that...