CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address multiple vulnerabilities in Adobe software. An...
CISA: Microsoft Releases August 2023 Security Updates
Microsoft Releases August 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from...
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign
Hackers associated with China's Ministry of State Security (MSS) have been linked to attacks in 17 different countries in Asia,...
Digital assets continue to be prime target for malvertisers
Cyber-criminals continue to impersonate brands via well-crafted phishing websites. We previously covered attacks on both consumers and businesses via online searches...
Diamond Model for Threat Hunting?
Introduction Background of Threat Hunting Threat hunting is a proactive and iterative approach to detecting and isolating advanced threats that...
New Report Exposes Vice Society’s Collaboration with Rhysida Ransomware
Tactical similarities have been unearthed between the double extortion ransomware group known as Rhysida and Vice Society, including in their...
Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining
Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm...
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons
The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a...
Continuous Security Validation with Penetration Testing as a Service (PTaaS)
Validate security continuously across your full stack with Pen Testing as a Service. In today's modern security operations center (SOC),...
LockBit 3.0 Ransomware Victim: unitycouncil[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft Windows Common Log File System Driver privilege escalation | CVE-2023-36900
NAME__________Microsoft Windows Common Log File System Driver privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows...
Mediatek products denial of service | CVE-2023-20793
NAME__________Mediatek products denial of servicePlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:4.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek products are vulnerable to a denial of...
Microsoft Windows LDAP code execution | CVE-2023-38184
NAME__________Microsoft Windows LDAP code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
Foswiki directory traversal | CVE-2023-33756
NAME__________Foswiki directory traversalPlatforms Affected:Foswiki Foswiki 2.1.7Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Foswiki could allow a remote attacker to traverse directories on the system,...
Multiple Intel processors denial of service | CVE-2023-43505
NAME__________Multiple Intel processors denial of servicePlatforms Affected:Intel Xeon Processor D Family Intel Pentium Processor J Series Intel Pentium Processor N...
Microsoft Office code execution | CVE-2023-35371
NAME__________Microsoft Office code executionPlatforms Affected:Microsoft Office Online Server Microsoft Office 2019 x32 Microsoft Office 2019 x64 Microsoft Office 2019 Mac...
Adobe Acrobat and Adobe Reader code execution | CVE-2023-38233
NAME__________Adobe Acrobat and Adobe Reader code executionPlatforms Affected:Adobe Acrobat DC 23.003.20244 Adobe Acrobat Reader DC 23.003.20244 Adobe Acrobat 2020 20.005.30467...
Intel NUC BIOS firmware privilege escalation | CVE-2023-34349
NAME__________Intel NUC BIOS firmware privilege escalationPlatforms Affected:Intel NUC Kit NUC7i3BNH Intel NUC Kit NUC7i3BNK Intel NUC Kit NUC7i3BNHX1 Intel NUC...
Microsoft Windows Reliability Analysis Metrics Calculation Engine (RACEng) privilege escalation | CVE-2023-35379
NAME__________Microsoft Windows Reliability Analysis Metrics Calculation Engine (RACEng) privilege escalationPlatforms Affected:Microsoft Windows Server for X64-based systems 2008 R2 SP1 Microsoft...
