CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: Avoid Scams After Disaster Strikes
Avoid Scams After Disaster Strikes As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Twenty-One Industrial Control Systems Advisories
CISA Releases Twenty-One Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on October 10, 2024. These...
CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These...
CISA: Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM) Today, CISA published the Framing Software Component Transparency, created...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
[BIANLIAN] – Ransomware Victim: Boston Children’s Health Physicians
Ransomware Group: BIANLIAN VICTIM NAME: Boston Children's Health Physicians NOTE: No files or stolen information are by RedPacket Security. Any...
US-CERT Vulnerability Summary for the Week of October 7, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
[RHYSIDA] – Ransomware Victim: Henry County Schools
Ransomware Group: RHYSIDA VICTIM NAME: Henry County Schools NOTE: No files or stolen information are by RedPacket Security. Any legal...
CISA: Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM) Today, CISA published the Framing Software Component Transparency, created...
CVE Alert: CVE-2024-9922
Vulnerability Summary: CVE-2024-9922 The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers...
CVE Alert: CVE-2024-49214
Vulnerability Summary: CVE-2024-49214 QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT...
CVE Alert: CVE-2024-9921
Vulnerability Summary: CVE-2024-9921 The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to...
CVE Alert: CVE-2024-9924
Vulnerability Summary: CVE-2024-9924 The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at...
CVE Alert: CVE-2024-9139
Vulnerability Summary: CVE-2024-9139 The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary...
CVE Alert: CVE-2024-9923
Vulnerability Summary: CVE-2024-9923 The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with...
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote...
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a...
HackerOne Bug Bounty Disclosure: host-header-injection-leads-to-account-takeover-ndizon
Company Name: Enjin Company HackerOne URL: https://hackerone.com/enjin Submitted By:ndizon_Link to Submitters Profile:https://hackerone.com/ndizon_ Report Title:Host header injection leads to account takeoverReport...
HackerOne Bug Bounty Disclosure: race-condition-on-create-api-function-mo-salah
Company Name: Enjin Company HackerOne URL: https://hackerone.com/enjin Submitted By:mo_salah12Link to Submitters Profile:https://hackerone.com/mo_salah12 Report Title:Race Condition on Create API FunctionReport Link:https://hackerone.com/reports/2682392Date...
[ABYSS] – Ransomware Victim: In the depths of software development[.] Unlocking the secrets of Promise Technology, Inc[.]
Ransomware Group: ABYSS VICTIM NAME: In the depths of software development Unlocking the secrets of Promise Technology, Inc NOTE: No...
