Signal Disputes Alleged Zero-Day Flaw
The encrypted messaging app Signal has refuted widespread claims of a zero-day software vulnerability. After an investigation, the company has...
Ransomware Targets Unpatched WS_FTP Servers
Unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical...
Posh C2 Detected – 88[.]210[.]9[.]139:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Gcp_Scanner – A Comprehensive Scanner For Google Cloud
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The...
HackerOne Bug Bounty Disclosure: b-critical-curl-cve-vulnerability-code-changes-are-disclosed-on-the-internet-b-shelldoit
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'shelldoit'Link to Submitters Profile:https://hackerone.com/b'shelldoit' Report Title:b' Curl CVE-2023-38545 vulnerability code changes are...
HackerOne Bug Bounty Disclosure: b-inviting-excessive-long-email-addresses-to-a-calendar-event-makes-the-server-unresponsive-b-shuvam
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'shuvam321'Link to Submitters Profile:https://hackerone.com/b'shuvam321' Report Title:b'Inviting excessive long email addresses to a...
Black Basta Ransomware Victim: DOMAIN-BACCARAT_2
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: NCC_2
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Knight Ransomware Victim: GDL Logística Integrada S[.]A
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Hacketts printing services
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Decarie Motors Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Kinesis Film Srl
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Guhring was hacked[.] Thousands of confidential files stolen[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Faieta Motorcompany IT
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: AKBASOGLU HOLDING Trans KA
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: BMW Munique Motors
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Mario de Cecco – Workwear & Corporate Wear IT
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45075
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45076
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
SAP S/4HANA Core information disclosure | CVE-2023-42475
NAME__________SAP S/4HANA Core information disclosurePlatforms Affected:SAP S/4Hana Core S4CORE 102 SAP S/4Hana Core S4CORE 103 SAP S/4Hana Core S4CORE 104...
IBM Security Verify Governance file upload | CVE-2023-35903
NAME__________IBM Security Verify Governance file uploadPlatforms Affected:IBM Security Verify Governance 10.0Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM Security Verify Governance 10.0 could allow...
HCL BigFix Insights for Vulnerability Remediation (IVR) information disclosure | CVE-2022-44757
NAME__________HCL BigFix Insights for Vulnerability Remediation (IVR) information disclosurePlatforms Affected:HCL BigFix IVR 2.0.2Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________HCL BigFix Insights for Vulnerability...
Node.js undici module information disclosure | CVE-2023-45143
NAME__________Node.js undici module information disclosurePlatforms Affected:Node.js undici 5.26.1Risk Level:3.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Node.js undici module could allow a remote authenticated attacker to...
