CISA: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways Ivanti has released a security update to address an...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
BlackCat/ALPHV Ransomware Victim: Builcore
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
EmploLeaks – An OSINT Tool That Helps Detect Members Of A Company With Leaked Credentials
This is a tool designed for Open Source Intelligence (OSINT) purposes, which helps to gather information about employees of...
HackerOne Bug Bounty Disclosure: b-reflected-xss-on-https-www-useast-a-tiktok-com-ug-incentive-share-hd-b-ashrafabdelrazik
Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'ashrafabdelrazik'Link to Submitters Profile:https://hackerone.com/b'ashrafabdelrazik' Report Title:b'Reflected XSS On 'Report Link:https://hackerone.com/reports/2178061Date Submitted:12 January...
HackerOne Bug Bounty Disclosure: b-internal-blind-server-side-request-forgery-ssrf-allows-scanning-internal-ports-b-callmed
Company Name: b'Mozilla Core Services' Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:b'callmed0_4'Link to Submitters Profile:https://hackerone.com/b'callmed0_4' Report Title:b'Internal Blind Server-Side Request Forgery...
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two...
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data...
Urgent: GitLab Releases Patch for Critical Vulnerabilities – Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Ransomware Review January 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Akira Ransomware Victim: Blackburn College
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Vincentz Network
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong...
Trend Micro Apex Central local file include | CVE-2023-52325
NAME__________Trend Micro Apex Central local file includePlatforms Affected:Trend Micro Apex Central 2019Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Trend Micro Apex Central could allow...
Juniper Networks Junos OS denial of service | CVE-2024-21595
NAME__________Juniper Networks Junos OS denial of servicePlatforms Affected:Juniper Networks Junos OS 22.3 Juniper Networks Junos OS 22.4 Juniper Networks Junos...
Juniper Networks Junos OS and Junos OS Evolved denial of service | CVE-2024-21613
NAME__________Juniper Networks Junos OS and Junos OS Evolved denial of servicePlatforms Affected:Juniper Networks Junos OS 21.3 Juniper Networks Junos OS...
