Microsoft Windows Message Queuing code execution | CVE-2023-36583
NAME__________Microsoft Windows Message Queuing code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Microsoft Skype for Business privilege escalation | CVE-2023-41763
NAME__________Microsoft Skype for Business privilege escalationPlatforms Affected:Microsoft Skype for Business Server 2015 CU13 Microsoft Skype for Business Server 2019 CU7Risk...
Play Ransomware Victim: Metro Transit
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
A Primer on Cyber Risk Acceptance and What it Means to Your Business
At its core, cybersecurity is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access....
Google makes passkeys the default sign-in for personal accounts
Google announced today that passkeys are now the default sign-in option across all personal Google Accounts across its services and...
New ‘HTTP/2 Rapid Reset’ zero-day attack breaks DDoS records
A new DDoS (distributed denial of service) technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since...
Mirai DDoS malware variant expands targets with 13 router exploits
A Mirai-based DDoS (distributed denial of service) malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based...
Air Europa data breach: Customers warned to cancel credit cards
Spanish airline Air Europa, the country's third-largest airline and a member of the SkyTeam alliance, warned customers on Monday to...
Microsoft Exchange gets ‘better’ patch to mitigate critical bug
The Exchange Team asked admins to deploy a new and "better" patch for a critical Microsoft Exchange Server vulnerability initially...
New critical Citrix NetScaler flaw exposes ‘sensitive’ data
Citrix NetScaler ADC and NetScaler Gateway are impacted by a critical severity flaw that allows the disclosure of sensitive information...
Microsoft to kill off VBScript in Windows to block malware delivery
Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use, making it an on-demand...
Microsoft Monthly Security Update (October 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low Risk Windows Extremely High RiskRemote Code Execution Denial of...
US-CERT Vulnerability Summary for the Week of October 2, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
Sirius – First Truly Open-Source General Purpose Vulnerability Scanner
Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most...
HackerOne Bug Bounty Disclosure: b-rce-and-dos-in-cosmovisor-b-strikeout
Company Name: b'Cosmos' Company HackerOne URL: https://hackerone.com/cosmos Submitted By:b'strikeout'Link to Submitters Profile:https://hackerone.com/b'strikeout' Report Title:b'RCE and DoS in Cosmovisor'Report Link:https://hackerone.com/reports/2094056Date Submitted:10...
HackerOne Bug Bounty Disclosure: b-limited-path-traversal-in-node-js-sdk-leads-to-pii-disclosure-b-zerodivisi-n
Company Name: b'Stripe' Company HackerOne URL: https://hackerone.com/stripe Submitted By:b'zerodivisi0n'Link to Submitters Profile:https://hackerone.com/b'zerodivisi0n' Report Title:b'Limited path traversal in Node.js SDK leads...
HackerOne Bug Bounty Disclosure: b-rce-of-burp-scanner-crawler-via-clickjacking-b-mattaustin
Company Name: b'PortSwigger Web Security' Company HackerOne URL: https://hackerone.com/portswigger Submitted By:b'mattaustin'Link to Submitters Profile:https://hackerone.com/b'mattaustin' Report Title:b'RCE of Burp Scanner /...
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967
Description of Problem Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway)....
LockBit 3.0 Ransomware Victim: atlantatech[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: dothanhauto[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: starplast[.]ft
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: vsmpo-tirus[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HP Enterprise LaserJet, LaserJet Managed printers cross-site scripting | CVE-2023-5113
NAME__________HP Enterprise LaserJet, LaserJet Managed printers cross-site scriptingPlatforms Affected:HP Color LaserJet Enterprise MFP M577 HP Color LaserJet Enterprise Flow MFP...
Acronis Agent security bypass | CVE-2023-45244
NAME__________Acronis Agent security bypassPlatforms Affected:Acronis Agent 32035 Acronis Agent 31771 Acronis Agent 31529Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Acronis Agent could allow a...
