Il Blog di Michele Pinassi

Mitel: PoC pubblico per lo sfruttamento delle CVE-2024-41713, CVE-2024-35286 e di una vulnerabilità zero-day (AL02/241206/CSIRT-ITA) Disponibile un Proof of Concept (PoC) per le CVE-2024-41713 e CVE-2024-35286, già sanate dal vendor, e per una vulnerabilità zero-day, presenti nel prodotto Mitel MiCollab. Tali vulnerabilità, che riguardano il componente NuPoint Unified Messaging (NPM) di Mitel MiCollab, qualora sfruttate in combinazione, potrebbero consentire l’esecuzione di operazioni arbitrarie sul relativo [...] by CSIRT - https://r.zerozone.it/post/47v5H4JPJdQbS0D38

Sintesi riepilogativa delle campagne malevole nella settimana del 30 novembre – 6 dicembre In questa settimana, il CERT-AGID ha riscontrato ed analizzato, nello scenario italiano di suo riferimento un totale di 37 campagne malevole, di cui 20 con obiettivi italiani e 17 generiche che hanno comunque interessato l’Italia, mettendo a disposizione dei suoi enti accreditati i relativi 622 indicatori di compromissione (IoC) individuati. by CERT-AgID - https://r.zerozone.it/post/qTY8m3VyWmkTMCcYH

🏴‍☠️ Bianlian has just published a new victim: LTI Trucking Services LTI Trucking Services, established in 1975, reformed in 2005 and based in St. Louis, Mo, is an asset-based transportation company that specializes in temperature-controlled freight. by Ransomware live - https://r.zerozone.it/post/QC5A20Ez0AV6vKD2R

🏴‍☠️ Funksec has just published a new victim: mtgazeta.uz [AI generated] MTGazeta.uz is a company based in Uzbekistan that focuses on providing news and information services. It operates as an online portal, delivering a wide range of content including local and international news, business insights, cultural updates, and more. The platform aims to keep its audience informed with timely [...] by Ransomware live - https://r.zerozone.it/post/YrU0b2btUDabZPRWZ

🏴‍☠️ Ransomhub has just published a new victim: pro-mec.com [AI generated] Pro-mec.com is a company specializing in precision engineering and manufacturing solutions. They offer a range of services, including CNC machining, fabrication, and assembly, catering to various industries such as aerospace, automotive, and industrial equipment. With a focus on quality and innovation, Pro-mec.com delivers customized solutions to meet specific [...] by Ransomware live - https://r.zerozone.it/post/W9x5WG4U3YNdr3wna

🏴‍☠️ Termite has just published a new victim: Blue Yonder Blue Yonder Group, Inc. (formerly JDA Software Group) is an American supply chain management company operating as an independent subsidiary of Panasonic. Founded in 1985, the company is headquartered in Scottsdale, Arizona, with offices globally. Its acquisitions have included Yantriks, RedPrairie, i2 Technologies, Manugistics, E3, Intactix, and Arthur by Ransomware live - https://r.zerozone.it/post/1Gfb43nkydxX0BnQZ

🏴‍☠️ 8base has just published a new victim: Port of Rijeka The Port of Rijeka – Luka Rijeka d.d. – is the largest concessionaire for shipping and reload of dry cargo in the Rijeka port basin; on the basis of its one-time concession agreement the Port offers services in maritime traffic, port services, as well as the storage of cargo at [...] by Ransomware live - https://r.zerozone.it/post/nJJzFd133cBpUg7zK

🏴‍☠️ 8base has just published a new victim: Originpath Group Experts in R&D. Legaltech Sector. Software development in Artificial Intelligence (machine learning) and Cloud computing environments. Software laboratory R&D&I. Legaltech: Software development for the legal sector. by Ransomware live - https://r.zerozone.it/post/NYXsvyFy04vYCj18Q

Vulnerabilità in prodotti SonicWall (AL01/241206/CSIRT-ITA) Rilevate alcune vulnerabilità, di cui 3 con gravità “alta”, nei prodotti Secure Mobile Access (SMA) della serie 100 di SonicWall. Tali vulnerabilità, qualora sfruttate, potrebbero permettere a un utente malintenzionato remoto di eseguire codice arbitrario o di causare l’indisponibilità del servizio sui dispositivi target. by CSIRT - https://r.zerozone.it/post/c9s8Ddwc9RWWedwY7

🏴‍☠️ Sarcoma has just published a new victim: Pan Gulf Holding Pan Gulf Holding Pan Gulf Holding operates as an investment holding company. The Company, through subsidiaries and affiliates, provides steel, piping, welding, fabrication, food, consulting, technology, automotive, inspection, and testing services. Pan Gulf Holding invests in companies throughout the Middle East.Geo: Saudi Arabia - Leak size: 113 GB Archive [...] by Ransomware live - https://r.zerozone.it/post/T9Txa6gN3q6ZKmhRF

🏴‍☠️ Abyss has just published a new victim: pez.com PEZ was first marketed as a compressed peppermint candy in 1927 in Vienna, Austria. Today, the company sells and markets its products worldwide with locations in Orange, Connecticut and Traun, Austria. by Ransomware live - https://r.zerozone.it/post/uT8BQ4aZjeQua44Q9

🏴‍☠️ Safepay has just published a new victim: casaimports.com Revenue $5 Million by Ransomware live - https://r.zerozone.it/post/65xVkpGxRcjpHbyuX

🏴‍☠️ Funksec has just published a new victim: ctsjo.com [AI generated] CTSJO.com is the online presence of CTS Costa Rica, a company specializing in IT services and solutions. They offer a range of services including managed IT services, cybersecurity, cloud solutions, and IT consulting. Known for their customer-focused approach, they serve various industries by providing tailored technology solutions to [...] by Ransomware live - https://r.zerozone.it/post/kjP59gTsQvrqyuhp1

🏴‍☠️ Safepay has just published a new victim: ktpartners.ca Revenue $5 Million by Ransomware live - https://r.zerozone.it/post/Y8Pt1x8RTKnTtKTNN

🏴‍☠️ Apt73 has just published a new victim: azpay.me Azape began its journey in 2018 by developing customized projects for various market segments, with its focus on developing solutions for intermedi... by Ransomware live - https://r.zerozone.it/post/5kH65MwpS5GKhBuzx

🏴‍☠️ Play has just published a new victim: ITO EN Japan by Ransomware live - https://r.zerozone.it/post/hmnay3jhb21DQmJwH

🏴‍☠️ Nitrogen has just published a new victim: SRP Federal Credit Union SRP Federal Credit Union is a member-owned financial institution that offers a variety of financial products and services, including savings accounts, loans, credit cards, and mortgages.. by Ransomware live - https://r.zerozone.it/post/RtqVXNk68mmADp3rx

🏴‍☠️ Bianlian has just published a new victim: Star Shuttle Inc. Star Shuttle & Charter, based in San Antonio, Texas, is a privately owned and operated company by the Walker family of San Antonio and Walker Resources, Inc. by Ransomware live - https://r.zerozone.it/post/edDA4R71vY2ue1VMD

Risolte vulnerabilità in Django (AL01/241205/CSIRT-ITA) Disponibile aggiornamento di sicurezza che risolve 2 vulnerabilità, di cui una con gravità “critica”, in Django, noto framework open source per lo sviluppo di applicazioni web. Nel dettaglio la vulnerabiltià con gravità “critica” riguarda la funzionalità “lookup HasKey”, utilizzata per verificare la presenza di una chiave in un campo JSON: [...] by CSIRT - https://r.zerozone.it/post/sdHYyF1kJR6sG5b3M

🏴‍☠️ Ransomhub has just published a new victim: hanwhacimarron.com [AI generated] Hanwha Cimarron is a company specializing in the manufacture of advanced composite pressure vessels. These vessels are used in industries such as aerospace, defense, and energy for storing and transporting gases under high pressure. As part of the Hanwha Group, known for its diverse industrial footprint, Hanwha Cimarron [...] by Ransomware live - https://r.zerozone.it/post/s0ZSTCeea51A7eUzQ