CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: VMware Releases Security Advisory for Aria Operations
VMware Releases Security Advisory for Aria Operations VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations....
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of January 8, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
pyGPOAbuse – Partial Python Implementation Of SharpGPOAbuse
Python partial implementation of SharpGPOAbuse by@pkb1s This tool can be used when a controlled account can modify an existing GPO...
HackerOne Bug Bounty Disclosure: b-bypass-password-confirmation-via-context-dependent-access-control-cdca-b-st-nzyy
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'st0nzyy'Link to Submitters Profile:https://hackerone.com/b'st0nzyy' Report Title:b' Bypass password confirmation via Context-dependent access...
HackerOne Bug Bounty Disclosure: b-error-when-editing-a-calendar-appointment-returns-stacktrace-and-query-b-st-nzyy
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'st0nzyy'Link to Submitters Profile:https://hackerone.com/b'st0nzyy' Report Title:b'Error when editing a calendar appointment returns...
HackerOne Bug Bounty Disclosure: b-h-oberlo-least-privileged-user-can-cancel-account-owner-s-subscription-via-post-on-payments-subscribe-b-archangel
Company Name: b'Shopify' Company HackerOne URL: https://hackerone.com/shopify Submitted By:b'archangel'Link to Submitters Profile:https://hackerone.com/b'archangel' Report Title:b" Least privileged user can cancel account...
HackerOne Bug Bounty Disclosure: b-bruteforce-protection-in-password-verification-can-be-bypassed-b-taise
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'taise'Link to Submitters Profile:https://hackerone.com/b'taise' Report Title:b'Bruteforce protection in password verification can be...
Critical Vulnerabilities in Siemens Products
Siemens has released security updates addressing critical vulnerabilities (CVE-2023-51438 and CVE-2023-49621) in their SIMATIC IPC and SIMATIC NC 4100 products. The...
Active Exploitation of Critical Vulnerability in VMware’s Aria Automation
VMware has released security updates addressing a critical vulnerability (CVE-2023-34063) in VMware Aria Automation. The vulnerability has a Common Vulnerability...
Active Exploitation of Zero-Day Vulnerability in Citrix’s Netscaler ADC and Gateway Products
Citrix has released security updates addressing a zero-day vulnerability (CVE-2023-6549) in their Netscaler ADC and Gateway products. The vulnerability is...
CISA: VMware Releases Security Advisory for Aria Operations
VMware Releases Security Advisory for Aria Operations VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations....
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by...
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of...
Medusa Locker Ransomware Victim: Stone, Avant & Daniels
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Akira Ransomware Victim: Becker Logistics
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Webinar: The Art of Privilege Escalation – How Hackers Become Admins
In the digital age, the battleground for security professionals is not only evolving, it's expanding at an alarming rate. The...
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying...
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including...
Citrix Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Google Chrome Multiple Vulnerabilities
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
