CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...
CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These...
CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 The U.S. Cybersecurity and...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
IMDShift – Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks
AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery (SSRF) attacks. IMDShift automates the migration...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack...
Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security...
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate...
Akira Ransomware Victim: Venture General Agen cy
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: ohiohistory[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: pointpleasant[.]k12[.]nj[.]us
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Viatom ViHealth App for Android code execution | CVE-2023-36351
NAME__________Viatom ViHealth App for Android code executionPlatforms Affected:Viatom ViHealth App for Android 2.74.58Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Viatom ViHealth App for Android...
Silverstripe Admin Module cross-site scripting |
NAME__________Silverstripe Admin Module cross-site scriptingPlatforms Affected:SilverStripe Silverstripe Admin Module 1.13.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Silverstripe Admin Module is vulnerable to cross-site scripting,...
Silverstripe Framework security bypass | CVE-2023-32302
NAME__________Silverstripe Framework security bypassPlatforms Affected:SilverStripe Silverstripe Framework 4.13.13 SilverStripe Silverstripe Framework 5.0.12Risk Level:5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Silverstripe Framework could allow a remote...
Online Shopping Portal Project SQL injection | CVE-2023-37772
NAME__________Online Shopping Portal Project SQL injectionPlatforms Affected:PHPGurukul Shopping Portal Project 3.1Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Shopping Portal Project is vulnerable to...
GreenShot code execution | CVE-2023-34634
NAME__________GreenShot code executionPlatforms Affected:GreenShot GreenShot 1.2.10Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GreenShot could allow a remote attacker to execute arbitrary code on the...
OMRON CX-Programmer code execution | CVE-2023-38748
NAME__________OMRON CX-Programmer code executionPlatforms Affected:Omron CX-Programmer 9.80Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OMRON CX-Programmer could allow a remote attacker to execute arbitrary code...
Broadcom Brocade Fabric OS privilege escalation | CVE-2023-31432
NAME__________Broadcom Brocade Fabric OS privilege escalationPlatforms Affected:Broadcom Brocade Fabric OS 8.2.1 Broadcom Brocade Fabric OS 8.2.3Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Broadcom Brocade...
procps-ng procps denial of service | CVE-2023-4016
NAME__________procps-ng procps denial of servicePlatforms Affected:procps-ng procpsRisk Level:3.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________procps-ng procps is vulnerable to a denial of service, caused...
