Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located...
Critical Vulnerabilities in ASUS’ Router Products
ASUS has released security updates to address two critical vulnerabilities (CVE-2024-3080 and CVE-2024-3912) in their router products. The vulnerabilities have...
INC Ransom Ransomware Victim: Ejército del Per
INC Ransom Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
INC Ransom Ransomware Victim: Behavioral Health Response (bhr[.]local)
INC Ransom Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
INC Ransom Ransomware Victim: DERBY SCHOOL
INC Ransom Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T...
G7 to Develop Cybersecurity Framework for Energy Sector
The G7 nations will develop a collective cybersecurity framework for operational technologies in energy systems, aimed at both manufacturers and...
Cybersecurity Burnout Costing Firms $700m+ Annually
British and US enterprises may be throwing away as much as $756m each year through lost productivity due to burned-out...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on June 6, 2024. These...
CISA: Phone Scammers Impersonating CISA Employees
Phone Scammers Impersonating CISA Employees Impersonation scams are on the rise and often use the names and titles of government...
CISA: Microsoft Releases June 2024 Security Updates
Microsoft Releases June 2024 Security Updates Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat...
CISA: Fortinet Releases Security Updates for FortiOS
Fortinet Releases Security Updates for FortiOS Fortinet has released security updates to address a vulnerability in FortiOS. A cyber threat...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on June 11, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on June 18, 2024. These...
CISA: CISA Releases Twenty Industrial Control Systems Advisories
CISA Releases Twenty Industrial Control Systems Advisories CISA released twenty Industrial Control Systems (ICS) advisories on June 13, 2024. These...
CISA: CISA and Partners Release Guidance for Modern Approaches to Network Access Security
CISA and Partners Release Guidance for Modern Approaches to Network Access Security Today, CISA, in partnership with the Federal Bureau...
Volana – Shell Command Obfuscation To Avoid Detection Systems
Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealth. For this reason you...
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal...
HackerOne Bug Bounty Disclosure: cloudflare-cdn-cgi-path-allows-resizing-images-from-unauthorised-sources-on-enjinusercontent-com–whoami
Company Name: Enjin Company HackerOne URL: https://hackerone.com/enjin Submitted By:19whoami19Link to Submitters Profile:https://hackerone.com/19whoami19 Report Title:Cloudflare /cdn-cgi/ path allows resizing images from...
HackerOne Bug Bounty Disclosure: ability-to-bulk-submit-reports-via-query-named-based-batching–x
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0x999Link to Submitters Profile:https://hackerone.com/0x999 Report Title:Ability to bulk submit reports via query...
HackerOne Bug Bounty Disclosure: -meetup-world-id-oidc-insufficient-filtering-of-state-parameter-in-response-mode-form-post-leads-to-xss-and-ato-lauritz
Company Name: Tools for Humanity Company HackerOne URL: https://hackerone.com/toolsforhumanity Submitted By:lauritzLink to Submitters Profile:https://hackerone.com/lauritz Report Title: Insufficient Filtering of "state"...
HackerOne Bug Bounty Disclosure: -package-name-can-be-set-as-desired-when-submitting-a-pentest-opportunity-form-iam-srpk
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:iam_srpkLink to Submitters Profile:https://hackerone.com/iam_srpk Report Title:"package_name" can be set as desired when...
