BlackCat/ALPHV Ransomware Victim: ASA Electronics [2[.]7 TB]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Rush Energy Services Inc [Time’s up]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
CISA: CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization
CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization Today, CISA and the Multi-State Information...
CISA: CISA Releases Seventeen Industrial Control Systems Advisories
CISA Releases Seventeen Industrial Control Systems Advisories CISA released seventeen Industrial Control Systems (ICS) advisories on February 15, 2024. These...
HackerOne Bug Bounty Disclosure: -ssrf-my-stripo-email-via-the-setup-wizard-parameter-deb-con
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title: mystripoemail via the setup-wizard parameterReport...
HackerOne Bug Bounty Disclosure: -demo-stripo-email-http-request-smuggling-deb-con
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title:stripoemail] HTTP request SmugglingReport Link:https://hackerone.com/reports/1631228Date Submitted:15...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-disclosure-in-a-disclosed-api-key-disclosure-report-on-stripo-sankalpa
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:sankalpa_1337Link to Submitters Profile:https://hackerone.com/sankalpa_1337 Report Title:Non-revoked API Key Disclosure in a...
HackerOne Bug Bounty Disclosure: multiple-permission-model-bypasses-due-to-improper-path-traversal-sequence-sanitization-xion
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:xionLink to Submitters Profile:https://hackerone.com/xion Report Title:Multiple permission model bypasses due to improper...
HackerOne Bug Bounty Disclosure: path-traversal-by-monkey-patching-buffer-internals-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Path traversal by monkey-patching Buffer internalsReport Link:https://hackerone.com/reports/2218653Date...
HackerOne Bug Bounty Disclosure: improper-handling-of-wildcards-in-allow-fs-read-and-allow-fs-write-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Improper handling of wildcards in --allow-fs-read and...
HackerOne Bug Bounty Disclosure: code-injection-and-privilege-escalation-through-linux-capabilities-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Code injection and privilege escalation through Linux...
HackerOne Bug Bounty Disclosure: node-js-is-vulnerable-to-the-marvin-attack-timing-variant-of-the-bleichenbacher-attack-against-pkcs-v-padding-hkario
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:hkarioLink to Submitters Profile:https://hackerone.com/hkario Report Title:Nodejs is vulnerable to the Marvin Attack...
HackerOne Bug Bounty Disclosure: hxxp-reading-unprocessed-http-request-with-unbounded-chunk-extension-allows-dos-attacks-bart
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:bartLink to Submitters Profile:https://hackerone.com/bart Report Title:hXXp: Reading unprocessed HTTP request with unbounded...
2024 State Of Ransomware In Education 92 Spike In K 12 Attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Ransomware Review January 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Nitrogen Shelling Malware From Hacked Sites
Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its...
Ransomware In 2023 Recap 5 Key Takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malicious Ads For Restricted Messaging Applications Target Chinese Users
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
Ransomware Review February 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
CovenantC2 Detected – 23[.]94[.]66[.]115:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
Akira Ransomware Victim: Nekoosa School Distr ict
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
