Threat Actors Increasingly Abusing GitHub for Malicious Purposes
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host...
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Credit Card Skimming On The Rise For The Holiday Shopping Season
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Medusa Locker Ransomware Victim: Limburg
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Water For People
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat...
Active Exploitation of Zero Day Vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways
Ivanti has disclosed two zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that are being actively exploited. The vulnerabilities are:- CVE-2023-46805: Successful exploitation of...
AMI MegaRAC SP-X Baseboard Management Controllers code execution | CVE-2023-34333
NAME__________AMI MegaRAC SP-X Baseboard Management Controllers code executionPlatforms Affected:AMI MegaRAC SPX 13Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI MegaRAC SP-X Baseboard Management Controllers...
Microsoft Windows TCP/IP information disclosure | CVE-2024-21313
NAME__________Microsoft Windows TCP/IP information disclosurePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
SAP S/4HANA Finance security bypass | CVE-2024-21736
NAME__________SAP S/4HANA Finance security bypassPlatforms Affected:SAP S/4HANA Finance SAPSCORE 128 SAP S/4HANA Finance S4CORE 10Risk Level:6.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________SAP S/4HANA Finance could...
OpenSSL denial of service | CVE-2023-6129
NAME__________OpenSSL denial of servicePlatforms Affected:OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.1.0 OpenSSL OpenSSL 3.2.0Risk Level:5.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenSSL is vulnerable to...
AMI MegaRAC SP-X Baseboard Management Controllers code execution | CVE-2023-34332
NAME__________AMI MegaRAC SP-X Baseboard Management Controllers code executionPlatforms Affected:AMI MegaRAC SPX 13Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI MegaRAC SP-X Baseboard Management Controllers...
Multiple TP-LINK products command execution | CVE-2024-21833
NAME__________Multiple TP-LINK products command executionPlatforms Affected:TP-Link Archer AX3000 TP-Link Archer AX5400 TP-Link Deco X50 TP-Link Deco XE200 TP-Link Archer AXE75Risk...
Multiple TP-LINK products command execution | CVE-2024-21821
NAME__________Multiple TP-LINK products command executionPlatforms Affected:TP-Link Archer AX3000 TP-Link Archer AX5400 TP-Link Archer AXE75Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Multiple TP-LINK products could...
IBM AIX denial of service | CVE-2023-45173
NAME__________IBM AIX denial of servicePlatforms Affected:IBM AIX 7.2 IBM VIOS 3.1 IBM AIX 7.3Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM AIX 7.2,...
