CVE Alert: CVE-2024-47773
Vulnerability Summary: CVE-2024-47773 Discourse is an open source platform for community discussion. An attacker can make several XHR requests until...
Month: October 2024
CVE Alert: CVE-2024-47822
Vulnerability Summary: CVE-2024-47822 Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query...
CVE Alert: CVE-2024-27457
Vulnerability Summary: CVE-2024-27457 Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow...
HackerOne Bug Bounty Disclosure: change-phone-number-otp-flaw-leads-to-any-phone-number-takeover-polem-rch
Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:polem4rchLink to Submitters Profile:https://hackerone.com/polem4rch Report Title:Change phone number OTP flaw leads to...
HackerOne Bug Bounty Disclosure: remote-code-execution-cve-m-lc-lmx
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:m4lc0lmxLink to Submitters Profile:https://hackerone.com/m4lc0lmx Report Title:Remote code execution Report Link:https://hackerone.com/reports/2182202Date Submitted:09...
HackerOne Bug Bounty Disclosure: dos-taking-down-a-k-users-gitlab-ee-instance-or-multiple-sidekiq-instances-by-importing-a-malicious-repo-from-a-github-ee-self-hosted-server-a
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:a92847865Link to Submitters Profile:https://hackerone.com/a92847865 Report Title:DOS: taking down a 1k users Gitlab...
HackerOne Bug Bounty Disclosure: subdomain-takeover-in-gitlab-pages-fdeleite
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:fdeleiteLink to Submitters Profile:https://hackerone.com/fdeleite Report Title:Subdomain takeover in Gitlab pagesReport Link:https://hackerone.com/reports/2523654Date Submitted:09...
CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
[MEOW] – Ransomware Victim: CANEA ONE
Ransomware Group: MEOW VICTIM NAME: CANEA ONE NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[LYNX] – Ransomware Victim: tankstar[.]com
Ransomware Group: LYNX VICTIM NAME: tankstarcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 124[.]222[.]14[.]40:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 1[.]117[.]62[.]81:8081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]92[.]29[.]195:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 8[.]130[.]42[.]227:10001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]96[.]85[.]171:4444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 110[.]42[.]212[.]130:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]43[.]125[.]25:4567
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 8[.]134[.]251[.]198:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[ABYSS] – Ransomware Victim: victrongroup[.]com
Ransomware Group: ABYSS VICTIM NAME: victrongroupcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CLOP] – Ransomware Victim: FULTON[.]COM
Ransomware Group: CLOP VICTIM NAME: FULTONCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[DRAGONFORCE] – Ransomware Victim: Orbit Software, Inc[.]
Ransomware Group: DRAGONFORCE VICTIM NAME: Orbit Software, Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...
CovenantC2 Detected – 46[.]101[.]120[.]37:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
Microsoft Monthly Security Update (October 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesAzure Medium RiskElevation of Privilege Remote Code Execution Windows High RiskElevation...
[KILLSEC] – Ransomware Victim: avans[.]com
Ransomware Group: KILLSEC VICTIM NAME: avanscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
