CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
Month: October 2024
CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...
CISA: CISA Releases Twenty-One Industrial Control Systems Advisories
CISA Releases Twenty-One Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on October 10, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
[RHYSIDA] – Ransomware Victim: Axis Health System
Ransomware Group: RHYSIDA VICTIM NAME: Axis Health System NOTE: No files or stolen information are by RedPacket Security. Any legal...
[THREEAM] – Ransomware Victim: oklahomasleepinstitute[.]co
Ransomware Group: THREEAM VICTIM NAME: oklahomasleepinstituteco NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[INCRANSOM] – Ransomware Victim: Doctors Regional Cancer Center
Ransomware Group: INCRANSOM VICTIM NAME: Doctors Regional Cancer Center NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2024-47421
Vulnerability Summary: CVE-2024-47421 Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a...
CVE Alert: CVE-2024-45152
Vulnerability Summary: CVE-2024-45152 Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result...
CVE Alert: CVE-2024-9286
Vulnerability Summary: CVE-2024-9286 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Input Validation vulnerability in...
CVE Alert: CVE-2024-45137
Vulnerability Summary: CVE-2024-45137 InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous...
CVE Alert: CVE-2024-45136
Vulnerability Summary: CVE-2024-45136 InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type...
CVE Alert: CVE-2024-47424
Vulnerability Summary: CVE-2024-47424 Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that...
CVE Alert: CVE-2024-47425
Vulnerability Summary: CVE-2024-47425 Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability...
CVE Alert: CVE-2024-47422
Vulnerability Summary: CVE-2024-47422 Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could...
CVE Alert: CVE-2024-47423
Vulnerability Summary: CVE-2024-47423 Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous...
CVE Alert: CVE-2024-7292
Vulnerability Summary: CVE-2024-7292 In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible...
[MEOW] – Ransomware Victim: The Law Office of Omar O Vargas
Ransomware Group: MEOW VICTIM NAME: The Law Office of Omar O Vargas NOTE: No files or stolen information are by...
[HUNTERS] – Ransomware Victim: Structural and Steel Products
Ransomware Group: HUNTERS VICTIM NAME: Structural and Steel Products NOTE: No files or stolen information are by RedPacket Security. Any...
CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...
CISA: CISA Releases Twenty-One Industrial Control Systems Advisories
CISA Releases Twenty-One Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on October 10, 2024. These...
CVE Alert: CVE-2024-9675
Vulnerability Summary: CVE-2024-9675 A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the...
CVE Alert: CVE-2024-7294
Vulnerability Summary: CVE-2024-7294 In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible...
CVE Alert: CVE-2024-8014
Vulnerability Summary: CVE-2024-8014 In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through...
