BlackByte Ransomware Victim: Kirby Risk
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
CISA: VMware Releases Security Update for Tools
VMware Releases Security Update for Tools VMware has released a security update to address a vulnerability in VMware Tools. A...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These...
CISA: CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware
CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware Today, the United Kingdom’s National Cyber Security...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These...
CISA: CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Today, CISA, Federal Bureau of...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories to address vulnerabilities affecting multiple Cisco products. A...
CISA: CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack
CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack CISA has released actionable guidance for Federal Civilian...
CISA: CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells The Cybersecurity and Infrastructure Security Agency (CISA) has...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on September 7, 2023. These...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
EmploLeaks – Finding Leaked Employees Info for the Win
Developed by Faraday security researchers, this cutting-edge tool utilizes the power of OpenSource Intelligence techniques. EmploLeaks extracts valuable insights by...
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive...
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop...
HackerOne Bug Bounty Disclosure: b-dependency-policy-bypass-via-process-binding-b-leodog
Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'leodog896'Link to Submitters Profile:https://hackerone.com/b'leodog896' Report Title:b'Dependency Policy Bypass via process.binding'Report...
HackerOne Bug Bounty Disclosure: b-permissions-not-respected-when-copying-entire-group-folders-b-carl-schwan
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'carl_schwan'Link to Submitters Profile:https://hackerone.com/b'carl_schwan' Report Title:b'Permissions not respected when copying entire group...
HackerOne Bug Bounty Disclosure: b-argocd-s-web-terminal-session-doesn-t-expire-b-bean-zhang
Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'bean-zhang'Link to Submitters Profile:https://hackerone.com/b'bean-zhang' Report Title:b"Argocd's web terminal session doesn't...
Posh C2 Detected – 170[.]64[.]153[.]219:4443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Tenda N300 Wireless N VDSL2 Modem Router information disclosure | US-CERT VU#304455
NAME__________Tenda N300 Wireless N VDSL2 Modem Router information disclosurePlatforms Affected:Tenda N300 Wireless N VDSL2 Modem RouterRisk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Tenda N300...
HPE Aruba Networking buffer overflow | CVE-2023-38484
NAME__________HPE Aruba Networking buffer overflowPlatforms Affected:Aruba Networks ArubaOS 10.4.0.1 Aruba Networks ArubaOS 8.11.1.0 Aruba Networks ArubaOS 8.10.0.6 Aruba Networks ArubaOS...
HPE Aruba Networking products security bypass | CVE-2023-38486
NAME__________HPE Aruba Networking products security bypassPlatforms Affected:Aruba Networks ArubaOS 10.4.0.1 Aruba Networks ArubaOS 8.11.1.0 Aruba Networks ArubaOS 8.10.0.6 Aruba Networks...
SOCOMEC MODULYS GP cross-site scripting | CVE-2023-38582
NAME__________SOCOMEC MODULYS GP cross-site scriptingPlatforms Affected:Socomec MOD3GP-SY-120K 01.12.10Risk Level:6.3Exploitability:HighConsequences:Obtain Information DESCRIPTION__________SOCOMEC MODULYS GP is vulnerable to cross-site scripting, caused by...
IBM QRadar WinCollect Agent privilege escalation | CVE-2023-38736
NAME__________IBM QRadar WinCollect Agent privilege escalationPlatforms Affected:IBM QRadar WinCollect Agent 10.0 IBM QRadar WinCollect Agent 10.1.6Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM QRadar...
