Il Blog di Michele Pinassi
Open in Telegram
Parliamo di tecnologia, politica e cybersecurity. Post automatici e rassegna personale.
Show more304
Subscribers
No data24 hours
-17 days
-130 days
Posts Archive
Atlassian: PoC pubblico per lo sfruttamento della CVE-2024-21683
(AL03/240523/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-21683 – già sanata dal vendor – presente in Atlassian Confluence Data Center and Server. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’esecuzione di codice da remoto sui dispositivi interessati.
by CSIRT - https://r.zerozone.it/post/JrBrEmnBweuzCnAb9
Sanate vulnerabilità su GitLab CE/EE
(AL01/240523/CSIRT-ITA)
Rilasciati aggiornamenti di sicurezza che risolvono 7 vulnerabilità, di cui una con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE).
by CSIRT - https://r.zerozone.it/post/Gs7Tk4EmzAcCeRxnQ
Vulnerabilità presenti in prodotti NAS QNAP
(AL02/240523/CSIRT-ITA)
Aggiornamenti di sicurezza QNAP risolvono alcune vulnerabilità, di cui 2 con gravità “alta” nei prodotti QTS e QuTS hero.
by CSIRT - https://r.zerozone.it/post/y8zjBgYm3fsGtXg4P
🏴☠️ Bianlian has just published a new victim : Critchfield & Johnston
Critchfield, Critchfield & Johnston, Ltd. is a company specializes in law services. It offers services in the areas of corporate & business, employment of labor, litigation, oil & gas, real estate, etc.
by Ransomware live - https://r.zerozone.it/post/pUBTf0eUWwF5vRAW7
🏴☠️ Lockbit3 has just published a new victim : londondrugs.com
London Drugs offers weekly flyer deals, Earth Month essentials, savings events and in-store events for various products. Shop online or in-store for pharmaceuticals, cosmetics, electronics, cameras, housewares and more. With endless revenue, greed...
by Ransomware live - https://r.zerozone.it/post/Dt0Wnu3wDvpsbHJ1K
🏴☠️ Blacksuit has just published a new victim : catiglass.com $100.000
by Ransomware live - https://r.zerozone.it/post/d8eX7qgNQ89KhDnQP
🏴☠️ Cactus has just published a new victim : schuettemetals.com
Download link #1: https://***************.onion/SMI/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/SMI/PROOF/DATA DESCRIPTIONS: Financial documents, supplier agreements, contracts, NDAs, Personal identifying information, Engineering data, employee personal files, database exports, etc.
by Ransomware live - https://r.zerozone.it/post/XU6nbGvAf6374JV0r
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
Sonatype Nexus Repository 3路径遍历漏洞(CVE-2024-4956)
by SeeBug - https://r.zerozone.it/post/w66aCYV1P32nA3Hab
🏴☠️ Qilin has just published a new victim : Golden Acre
Golden Acre Garden Sentre. Calgary's garden centre since 1967 and still growing strong. With hundreds of thousands of square feet in retail space.Golden Acre carries a wide variety of Annuals, Perennials, Trees and Shrubs, Houseplants, Garden ...
by Ransomware live - https://r.zerozone.it/post/U4vtynekRng3vDs00
🏴☠️ Rhysida has just published a new victim : ICC
ICC ICC is a structured cabling solutions manufacturer of copper & fiber optic connectivity products for commercial & residential applications More
by Ransomware live - https://r.zerozone.it/post/xXGEubEQeBBMJDpn7
🏴☠️ Incransom has just published a new victim : Richland City Hall
The Richland Library continues to offer temporary digital library cards and will soon provide enhanced access to Ancestry.com. There are also future plans for drive-up or curbside capabilities.
by Ransomware live - https://r.zerozone.it/post/GyEb8ZWWEdGRA9ryY
🏴☠️ Medusa has just published a new victim : Aztec Services Group
Aztec Services Group, Inc - the scope of the company is environmental remediation and demolition services. Aztec Services Group, Inc corporate office is located in 3814 William P Dooley Bypass, Cincinnati, OH 45223, USA. The total amount of data leakage is 398.38 GB
by Ransomware live - https://r.zerozone.it/post/q6gdB48wvYK28ekQq
🏴☠️ Akira has just published a new victim : Newman Ferrara
Newman Ferrara maintains a multifaceted practice based in New Yor k City with attorneys specializing in complex commercial and mult i-party litigation, securities fraud and shareholder litigation, consumer protection, civil rights, and real estate. More than 45G B of data will be publicly available soon. Court processes, heari ngs [...]
by Ransomware live - https://r.zerozone.it/post/SwuCS2qz4xS015geY
🏴☠️ Blackbasta has just published a new victim : levian.com
Le Vian is a family-owned jewelry company with a long history, dating from the 15th century. As purveyors of fine jewelry, Le Vian had gained such a reputation that in 1746, Nadir Shah, one Persia’s most powerful rulers, chose them to safeguard the collection of jewels he had amassed — [...]
by Ransomware live - https://r.zerozone.it/post/YJ60Dkz6yUEv972BY
🏴☠️ Hunters has just published a new victim : Jess-link Products
Country : Taiwan - Exfiltraded data : yes - Encrypted data : yes
by Ransomware live - https://r.zerozone.it/post/eP995e4u9Pn06masG
🏴☠️ 8base has just published a new victim : ALO diamonds
ALO diamonds, a Czech jewelry company since 1995, produces dazzling jewelry with diamonds and colorful gems of various collections and styles in one of the largest creative studios in central Europe. In the collections of ALO diamonds you can find engagement, wedding rings, chains, earrings and children's earrings, pendants, necklaces, [...]
by Ransomware live - https://r.zerozone.it/post/VrTWXRFBZTJV9CmXR
🏴☠️ Play has just published a new victim : Ryder Scott Co.
United States
by Ransomware live - https://r.zerozone.it/post/9gH84Xe0H83k03rh4
PoC pubblico per lo sfruttamento della CVE-2024-4323
(AL05/240522/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4323 – già sanata dal vendor – presente in Fluent Bit, processore e forwarder di log.
by CSIRT - https://r.zerozone.it/post/EPBrTgR6VGKK0XW8T
Vulnerabilità in Veeam Backup Enterprise Manager
(AL04/230522/CSIRT-ITA)
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di 4 vulnerabilità, di cui una con gravità “critica”, nel prodotto Backup Enterprise Manager che potrebbe permettere ad un utente remoto la possibilità di ottenere privilegi elevati sui sistemi target.
by CSIRT - https://r.zerozone.it/post/36RsmJ2g2puX1mA0B
Zabbix 后台延时注入(CVE-2024-22120)
Zabbix 后台延时注入(CVE-2024-22120)
by SeeBug - https://r.zerozone.it/post/rV7wxqBsuQKRM46tQ
Available now! Telegram Research 2025 — the year's key insights 
