St Helens Council Warns of Phishing After Ransomware Breach
A UK local authority has warned citizens to watch out for follow-on scams after it was breached in a ransomware...
Sextortion Scams Surge 178% in a Year
Security researchers have detected a 178% increase in sextortion emails between the first half of 2022 and the same period...
Sensitive Data of 10 Million at Risk After French Employment Agency Breach
The French national employment agency, Pôle emploi, has been hit by a cyber-attack potentially exposing critical information of up to...
FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers
The Federal Bureau of Investigation (FBI) has issued a stark warning to cryptocurrency firms regarding a surge in blockchain activity...
NIST Publishes Draft Post-Quantum Cryptography Standards
Draft post-quantum cryptography (PQC) standards have been published by the US National Institute of Standards and Technology (NIST). The new...
Data of 2.6 Million Duolingo Users Leaked on Hacking Forum
Data from 2.6 million users of Duolingo, a language learning platform with over 74 million monthly users, has been leaked...
New Study Sheds Light on Adhubllka Ransomware Network
Cybersecurity researchers have unveiled a complex web of interconnected ransomware strains that trace their origins back to a common source:...
SevenRooms – 1,205,385 breached accounts
HIBP In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
Holehe – Tool To Check If The Mail Is Used On Different Sites Like Twitter, Instagram And Will Retrieve Information On Sites With The Forgotten Password Function
Holehe Online Version Summary Efficiently finding registered accounts from emails. Holehe checks if an email is attached to an account...
HackerOne Bug Bounty Disclosure: b-improper-access-control-on-linkedin-page-b-cybergoddess
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'cybergoddess'Link to Submitters Profile:https://hackerone.com/b'cybergoddess' Report Title:b'Improper access control on Linkedin Page'Report Link:https://hackerone.com/reports/1587246Date...
HackerOne Bug Bounty Disclosure: b-a-unverified-user-can-post-newsletter-which-is-not-allowed-through-application-ui-b-tushar
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'tushar6378'Link to Submitters Profile:https://hackerone.com/b'tushar6378' Report Title:b'A Unverified User Can Post Newsletter (Which...
HackerOne Bug Bounty Disclosure: b-cache-poisoning-allows-redirection-on-js-files-b-youstin
Company Name: b'Glassdoor' Company HackerOne URL: https://hackerone.com/glassdoor Submitted By:b'youstin'Link to Submitters Profile:https://hackerone.com/b'youstin' Report Title:b'Cache Poisoning allows redirection on JS files'Report...
HackerOne Bug Bounty Disclosure: b-idor-allows-an-attacker-to-delete-anyone-s-featured-photo-b-adilnbabras
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'adilnbabras'Link to Submitters Profile:https://hackerone.com/b'adilnbabras' Report Title:b"IDOR allows an attacker to delete anyone's...
HackerOne Bug Bounty Disclosure: b-an-attacker-can-flag-draft-job-posts-and-can-disclose-the-draft-job-posts-details-similar-to-resolved-report-b-tushar
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'tushar6378'Link to Submitters Profile:https://hackerone.com/b'tushar6378' Report Title:b'An Attacker Can Flag Draft Job Posts...
HackerOne Bug Bounty Disclosure: b-attackers-can-use-trial-premium-only-by-paying-idr-from-the-original-price-of-idr-per-month-b-find-me-here
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'find_me_here'Link to Submitters Profile:https://hackerone.com/b'find_me_here' Report Title:b'Attackers can use TRIAL Premium only by...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These...
DarkGate reloaded via malvertising and SEO poisoning campaigns
In July 2023, we observed a malvertising campaign that lured potential victims to a fraudulent site for a Windows IT management...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37436
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37434
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37429
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
Netgear NMS300 command execution |
NAME__________Netgear NMS300 command executionPlatforms Affected:NETGEAR NMS300Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Netgear NMS300 could allow a remote attacker to execute arbitrary commands on...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator server-side request forgery | CVE-2023-37440
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator server-side request forgeryPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect...
Pandora FMS file upload | CVE-2023-24517
NAME__________Pandora FMS file uploadPlatforms Affected:Artica Pandora FMS 767Risk Level:6.4Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Pandora FMS could allow a remote authenticated attacker to upload...
