RedPacket Security - InfoSec News & Tutorials

HackerOne Bug Bounty Disclosure: redos-vulnerability-in-http-accept-headers-parsing-dwisiswant

October 30, 2024

Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:dwisiswant0Link to Submitters Profile:https://hackerone.com/dwisiswant0 Report Title:ReDoS Vulnerability in HTTP Accept...

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

October 30, 2024

Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation Fortinet has updated their security advisory addressing a critical...

[FOG] – Ransomware Victim: Jillamy (jillamy[.]com)

October 30, 2024

Ransomware Group: FOG VICTIM NAME: Jillamy (jillamycom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information

October 30, 2024

A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access...

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

October 30, 2024

Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play,...

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

October 30, 2024

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information...

[FOG] – Ransomware Victim: SmartSource (smartsource-inc[.]com)

October 30, 2024

Ransomware Group: FOG VICTIM NAME: SmartSource (smartsource-inccom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[HANDALA] – Ransomware Victim: IM Cannabis

October 30, 2024

Ransomware Group: HANDALA VICTIM NAME: IM Cannabis NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

CVE Alert: CVE-2024-50423

October 30, 2024

Vulnerability Summary: CVE-2024-50423 Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from...

CVE Alert: CVE-2024-50422

October 30, 2024

Vulnerability Summary: CVE-2024-50422 Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze:...

CVE Alert: CVE-2024-7992

October 30, 2024

Vulnerability Summary: CVE-2024-7992 A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a...

CVE Alert: CVE-2024-8588

October 30, 2024

Vulnerability Summary: CVE-2024-8588 A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read...

CVE Alert: CVE-2024-50421

October 30, 2024

Vulnerability Summary: CVE-2024-50421 Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips allows Exploiting Incorrectly Configured Access...

CVE Alert: CVE-2024-50454

October 30, 2024

Vulnerability Summary: CVE-2024-50454 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security...

CVE Alert: CVE-2024-8592

October 30, 2024

Vulnerability Summary: CVE-2024-8592 A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption...

CVE Alert: CVE-2024-7991

October 30, 2024

Vulnerability Summary: CVE-2024-7991 A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an...

CVE Alert: CVE-2024-50428

October 30, 2024

Vulnerability Summary: CVE-2024-50428 Missing Authorization vulnerability in Mondula GmbH Multi Step Form allows Exploiting Incorrectly Configured Access Control Security Levels.This...

CVE Alert: CVE-2024-8593

October 30, 2024

Vulnerability Summary: CVE-2024-8593 A maliciously crafted CATPART file when parsed in ASMKERN230A.dll through Autodesk AutoCAD can force a Out-of-Bounds Write...