CISA: CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)
CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP) Today, the Cybersecurity and Infrastructure...
CISA: CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA, in response to active, widespread exploitation, released...
CISA: Mozilla Releases Security Advisories for Multiple Products
Mozilla Releases Security Advisories for Multiple Products Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Apple Releases Security Advisories for Multiple Products
Apple Releases Security Advisories for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: VMware Releases Security Advisory for vCenter Server
VMware Releases Security Advisory for vCenter Server VMware released a security advisory for a vulnerability (CVE-2023-34048) affecting the VMware vCenter...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
PathFinder – Tool That Provides Information About A Website
Web Path Finder is a Python program that provides information about a website. It retrieves various details such as page...
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw...
iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs
A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and...
HackerOne Bug Bounty Disclosure: b-flickr-api-key-leaked-in-github-commit-b-m-y-nk
Company Name: b'Mozilla Core Services' Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:b'm4y4nk'Link to Submitters Profile:https://hackerone.com/b'm4y4nk' Report Title:b'Flickr API key leaked in...
HackerOne Bug Bounty Disclosure: b-rce-on-ingress-nginx-controller-via-ingress-spec-rules-http-paths-path-field-b-ginoah
Company Name: b'Kubernetes' Company HackerOne URL: https://hackerone.com/kubernetes Submitted By:b'ginoah'Link to Submitters Profile:https://hackerone.com/b'ginoah' Report Title:b'RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field'Report...
CISA: Apple Releases Security Advisories for Multiple Products
Apple Releases Security Advisories for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
Play Ransomware Victim: Laiho Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a...
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and...
Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest...
Aruba Networks ClearPass Policy Manager SQL injection | CVE-2023-43507
NAME__________Aruba Networks ClearPass Policy Manager SQL injectionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Aruba Networks ClearPass Policy Manager is vulnerable to SQL injection....
Aruba Networks ClearPass Policy Manager open redirect | CVE-2023-43509
NAME__________Aruba Networks ClearPass Policy Manager open redirectPlatforms Affected:Risk Level:5.8Exploitability:UnprovenConsequences:Other DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote attacker to...
Aruba Networks ClearPass Policy Manager command execution | CVE-2023-43510
NAME__________Aruba Networks ClearPass Policy Manager command executionPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote authenticated...
Aruba Networks ClearPass Policy Manager privilege escalation | CVE-2023-43506
NAME__________Aruba Networks ClearPass Policy Manager privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a local authenticated...
Aruba Networks ClearPass Policy Manager privilege escalation | CVE-2023-43508
NAME__________Aruba Networks ClearPass Policy Manager privilege escalationPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote authenticated...
