CyberSecurityBoard
Sponsor Register Login

Lotus Blossom

Lotus Blossom is a threat group that has targeted government and military organizations in Southeast Asia.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Lotus Blossom

Lotus Blossom APT Exploits WMI for Post-Exploitation Activities - The Lotus Blossom APT group’s sophisticated use of WMI, legitimate cloud platforms, and stealthy persistence mechanisms underscores the need for robust cybersecurity measures tailored to counter advanced threat actors. The Lotus Blossom Advanced ...
2 months ago Cybersecuritynews.com Lotus Blossom
CVE-2024-37412 - Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Blossom Shop allows Cross Site Request Forgery.This issue affects Blossom Shop: from n/a through 1.1.7. ...
5 months ago Tenable.com
Malware botnet bricked 600,000 routers in mysterious 2023 event - A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that destroyed 600,000 office/home office internet routers offline, disrupting customers' internet access. According to researchers at Lumen's Black Lotus Labs, ...
1 year ago Bleepingcomputer.com
Malware botnet bricked 600,000 routers in mysterious 2023 attack - A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that destroyed 600,000 office/home office internet routers offline, disrupting customers' internet access. According to researchers at Lumen's Black Lotus Labs, ...
1 year ago Bleepingcomputer.com
Lotus Blossom - Lotus Blossom is a threat group that has targeted government and military organizations in Southeast Asia. ...
1 year ago Attack.mitre.org Lotus Blossom
Chinese Hackers Employ New Reverse SSH Tool to Attack Organizations - A sophisticated Chinese hacking group known as Billbug (also tracked as Lotus Blossom, Lotus Panda, and Bronze Elgin) has intensified its espionage campaign across Southeast Asia, employing a new custom Reverse SSH Tool to compromise high-value ...
2 months ago Cybersecuritynews.com Lotus Blossom
CVE-2021-21405 - Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that ...
4 years ago
20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly - The botnet, tracked by Black Lotus Labs for over a year, infected thousands of Internet of Things (IoT) and end-of-life (EoL) devices, creating a veil of anonymity for malicious actors engaging in activities such as ad fraud, DDoS attacks, ...
1 month ago Cybersecuritynews.com
Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet - Malware hunters in the United States have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting ...
1 year ago Securityweek.com Volt Typhoon Hunters
Stealthy KV-botnet hijacks SOHO routers and VPN devices - The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and ...
1 year ago Bleepingcomputer.com Volt Typhoon
Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet - Malware hunters in the United States have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting ...
1 year ago Packetstormsecurity.com Volt Typhoon Hunters
CVE-2006-0663 - Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using ...
7 years ago
CVE-2006-5818 - Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors. This vulnerability is addressed in the following product ...
7 years ago
CVE-2010-0714 - Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 ...
6 years ago
CVE-2010-0715 - Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through ...
6 years ago
CVE-2022-37338 - Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Blossom Recipe Maker plugin < 1.0.7 at WordPress. ...
2 years ago
CVE-2024-2107 - The Blossom Spa theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.4 via generated source. This makes it possible for unauthenticated attackers to extract sensitive data including contents of ...
1 year ago
CVE-2024-31429 - Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Sarada Lite.This issue affects Sarada Lite: from n/a through 1.1.2. ...
1 year ago Tenable.com
CVE-2024-37098 - Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6. ...
11 months ago
CVE-2024-37243 - Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vandana Lite allows Cross Site Request Forgery.This issue affects Vandana Lite: from n/a through 1.1.9. ...
5 months ago Tenable.com
CVE-2024-37102 - Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vilva allows Cross Site Request Forgery.This issue affects Vilva: from n/a through 1.2.2. ...
5 months ago Tenable.com
CVE-2002-2191 - Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the ...
16 years ago
CVE-2007-5544 - IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive ...
1 year ago
CVE-2008-7286 - IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX. ...
14 years ago
CVE-2008-7285 - Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25. ...
14 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)