CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link is...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse
CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities for Firefox 116,...
CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
KRBUACBypass – UAC Bypass By Abusing Kerberos Tickets
This POC is inspired by James Forshaw (@tiraniddo) shared at BlackHat USA 2022 titled “Taking Kerberos To The Next Level...
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities for Firefox 116,...
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures
A Russa-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in...
Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to...
Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan
Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent...
Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have...
Top Industries Significantly Impacted by Illicit Telegram Networks
In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless...
Akira Ransomware Victim: Parathon by JDA eHea lth Systems
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: unicorpusa[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
WPFunnels Plugin for WordPress cross-site scripting | CVE-2023-37977
NAME__________WPFunnels Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WPFunnels Plugin for WordPress 2.7.16Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WPFunnels Plugin for WordPress is vulnerable...
Multiple plugins for WordPress by Inisev cross-site request forgery | CVE-2023-0958
NAME__________Multiple plugins for WordPress by Inisev cross-site request forgeryPlatforms Affected:WordPress Inisev Plugins for WordPressRisk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Multiple plugins for WordPress...
Apple Music for Android information disclosure | CVE-2023-28203
NAME__________Apple Music for Android information disclosurePlatforms Affected:Apple Music for Android 4.1.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple Music for Android could allow a...
Variation Images Gallery for WooCommerce Plugin for WordPress cross-site scripting | CVE-2023-37894
NAME__________Variation Images Gallery for WooCommerce Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Variation Images Gallery for WooCommerce Plugin for WordPress 2.3.3Risk...
