Elon Musk in Hot Water With FTC Over Twitter Privacy Issues
Elon Musk is in the crosshairs of US federal regulators over his handling of privacy and security issues since he...
Iranian Threat Group Hits Thousands With Password Spray Campaign
An Iranian state-backed APT group carried out a “wave” of cyber-espionage attacks against thousands of global targets over a six-month...
Pirated Software Likely Cause of Airbus Breach
A major data breach at Airbus revealed earlier this week stemmed from a RedLine info-stealer likely hidden in a pirated...
China’s Malicious Cyber Activity Informing War Preparations, Pentagon Says
China’s malicious cyber activity informs its preparations for a potential military conflict with the US, a new report from the...
Cloud to Blame for Almost all Security Vulnerabilities
Four out of five (80.3%) security vulnerabilities observed in organizations across all sectors come from a cloud environment, Palo Alto...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
Z9 – PowerShell Script Analyzer
Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install...
HackerOne Bug Bounty Disclosure: b-unprotected-atlantis-server-at-https-b-imranhudaa
Company Name: b'8x8' Company HackerOne URL: https://hackerone.com/8x8 Submitted By:b'imranhudaa'Link to Submitters Profile:https://hackerone.com/b'imranhudaa' Report Title:b'Unprotected Atlantis Server at https://132.226..'Report Link:https://hackerone.com/reports/1895783Date Submitted:15...
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new...
DDoS 2.0: IoT Sparks New DDoS Alert
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new...
Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread...
Google Agrees to $93 Million Settlement in California’s Location-Privacy Lawsuit
Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations...
The Interdependence between Automated Threat Intelligence Collection and Humans
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are...
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the...
Akira Ransomware Victim: American Steel & Alu minum
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
AZ Mobile Software Color Phone App for Android security bypass | CVE-2023-42468
NAME__________AZ Mobile Software Color Phone App for Android security bypassPlatforms Affected:AZ Mobile Software Color Phone App for Android 2.1.8-2Risk Level:3.3Exploitability:UnprovenConsequences:Bypass...
Blackberry AtHoc Server cross-site scripting | CVE-2023-21523
NAME__________Blackberry AtHoc Server cross-site scriptingPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:4.7Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Blackberry AtHoc Server is vulnerable to cross-site scripting, caused...
N-able Take Control Agent security bypass | CVE-2023-27470
NAME__________N-able Take Control Agent security bypassPlatforms Affected:N-able Take Control Agent 7.0.41.1141Risk Level:7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________N-able Take Control Agent could allow a...
Blackberry AtHoc Server information disclosure | CVE-2023-21520
NAME__________Blackberry AtHoc Server information disclosurePlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Blackberry AtHoc Server could allow a remote attacker to...
SAP S/4HANA denial of service | CVE-2023-41369
NAME__________SAP S/4HANA denial of servicePlatforms Affected:SAP S/4HANA 100 SAP S/4HANA 101 SAP S/4HANA 102 SAP S/4HANA 103 SAP S/4HANA 104...
Blackberry AtHoc Server SQL injection | CVE-2023-21521
NAME__________Blackberry AtHoc Server SQL injectionPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Blackberry AtHoc Server is vulnerable to SQL injection. A...
Microsoft Windows TCP/IP denial of service | CVE-2023-38149
NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Blackberry AtHoc Server cross-site scripting | CVE-2023-21522
NAME__________Blackberry AtHoc Server cross-site scriptingPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Blackberry AtHoc Server is vulnerable to cross-site scripting, caused...
SAP S/4HANA open redirect | CVE-2023-40306
NAME__________SAP S/4HANA open redirectPlatforms Affected:SAP S/4HANA S4CORE 103 SAP S/4HANA S4CORE 104 SAP S/4HANA S4CORE 105 SAP S/4HANA S4CORE 106Risk...
