CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982
Description of Problem An issue has been discovered in Citrix Hypervisor 8.2 CU1 LTSR that may allow malicious, privileged code...
HackerOne Bug Bounty Disclosure: b-usernames-still-visible-on-report-export-pdf-despite-i-want-to-redact-all-usernames-is-selected-b-japz
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'japz'Link to Submitters Profile:https://hackerone.com/b'japz' Report Title:b'Usernames still visible on report export pdf...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late...
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and...
Medusa Locker Ransomware Victim: Emerson School District
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning...
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to...
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria,...
Akira Ransomware Victim: Räddningstjänsten Vä stra Blekinge
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Koury Engineering
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Papel Prensa SA
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
VMware Horizon Server information disclosure | CVE-2023-34038
NAME__________VMware Horizon Server information disclosurePlatforms Affected:VMware Horizon Server 2303 VMware Horizon Server 2212 VMware Horizon Server 2209 VMware Horizon Server...
VMware Horizon Server request smuggling | CVE-2023-34037
NAME__________VMware Horizon Server request smugglingPlatforms Affected:VMware Horizon Server 2303 VMware Horizon Server 2212 VMware Horizon Server 2209 VMware Horizon Server...
PHP information disclosure | CVE-2023-3823
NAME__________PHP information disclosurePlatforms Affected:PHP PHP 8.1.21 PHP PHP 8.0.29Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PHP could allow a remote attacker to obtain sensitive...
Cloudflare odoh-rs denial of service | CVE-2023-3766
NAME__________Cloudflare odoh-rs denial of servicePlatforms Affected:Cloudflare odoh-rs 1.0.1Risk Level:5.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Cloudflare odoh-rs is vulnerable to a denial of service,...
Codesys products denial of service | CVE-2023-37548
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products denial of service | CVE-2023-37558
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products security bypass | CVE-2023-37551
NAME__________Codesys products security bypassPlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL CODESYS...
PHPJabbers Night Club Booking cross-site scripting | CVE-2023-4114
NAME__________PHPJabbers Night Club Booking cross-site scriptingPlatforms Affected:PHPJabbers Night Club Booking 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Night Club Booking is vulnerable to...
Fabasoft Cloud Enterprise Client privilege escalation | CVE-2023-32764
NAME__________Fabasoft Cloud Enterprise Client privilege escalationPlatforms Affected:Fabasoft Cloud Enterprise Client 23.3.0.130Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Fabasoft Cloud Enterprise Client could allow a...
Codesys products denial of service | CVE-2023-37552
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
Codesys products denial of service | CVE-2023-37555
NAME__________Codesys products denial of servicePlatforms Affected:CODESYS Control for BeagleBone SL CODESYS Control for emPC-A/iMX6 SL CODESYS Control for IOT2000 SL...
