Cisco IOS XR Software denial of service | CVE-2023-20233
NAME__________Cisco IOS XR Software denial of servicePlatforms Affected:Cisco IOS XR 7.4 Cisco IOS XR 7.5 Cisco IOS XR software 7.9...
WP User Control Plugin for WordPress security bypass | CVE-2023-4915
NAME__________WP User Control Plugin for WordPress security bypassPlatforms Affected:WordPress WP User Control Plugin for WordPress 1.5.3Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________WP User...
Cisco IOS XR code execution | CVE-2023-20236
NAME__________Cisco IOS XR code executionPlatforms Affected:Cisco IOS XR software 7.9 Cisco IOS XR 7.10Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cisco IOS XR could...
Cisco IOS XR Software security bypass | CVE-2023-20190
NAME__________Cisco IOS XR Software security bypassPlatforms Affected:Cisco IOS XR 7.4 Cisco IOS XR 7.5 Cisco IOS XR software 7.9 Cisco...
NOESCAPE Ransomware Victim: EDUCAL, SA de CV
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
NOESCAPE Ransomware Victim: Fondation Vincent De Paul
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Daily Vulnerability Trends: Thu Sep 14 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-4039 A failure in the -fstack-protector feature in GCC-based toolchains that target...
Hackers use new 3AM ransomware to save failed LockBit attack
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed...
Hackers steal $53 million worth of cryptocurrency from CoinEx
Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used...
New Windows 11 feature blocks NTLM-based attacks over SMB
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM...
France demands Apple pull iPhone 12 due to high RF radiation levels
The Agence Nationale des Fréquences (ANFR) has asked Apple to withdraw iPhone 12 smartphones from the French market because the...
Rollbar discloses data breach after hackers stole access tokens
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access...
How end-user phishing training works (and why it doesn’t)
It always takes two for a phishing attack to work – an attacker to send the bait and an insider...
CISA Publishes Plan to Enhance Open Source Security
A leading US security agency has released a long-awaited plan detailing how it will enhance open source security for both...
UK ICO and NCSC Set to Share Anonymized Threat Intelligence
The UK’s data protection regulator and its leading security agency have signed an agreement to cooperate more closely on cyber...
Microsoft Fixes Two Zero-Day Bugs Used in Attacks
Microsoft patched two zero-day vulnerabilities being actively exploited in the wild as part of its September Patch Tuesday yesterday.The first...
MGM Criticized for Repeated Security Failures
As the dust settles for MGM and systems are restored following a suspected cyber-attack, cybersecurity experts are now scrutinizing the...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
KaliPackergeManager – Kali Packerge Manager
kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation...
HackerOne Bug Bounty Disclosure: b-multiple-cross-site-scripting-xss-vulnerabilities-in-revive-adserver-b-l-stb-t
Company Name: b'Revive Adserver' Company HackerOne URL: https://hackerone.com/revive_adserver Submitted By:b'l4stb1t'Link to Submitters Profile:https://hackerone.com/b'l4stb1t' Report Title:b'Multiple cross-site scripting (XSS) vulnerabilities in...
HackerOne Bug Bounty Disclosure: b-cve-http-header-allocation-dos-b-selmelc
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'selmelc'Link to Submitters Profile:https://hackerone.com/b'selmelc' Report Title:b'CVE-2023-38039: HTTP header allocation DOS'Report Link:https://hackerone.com/reports/2072338Date Submitted:13...
HackerOne Bug Bounty Disclosure: b-request-english-versions-of-web-pages-for-enhanced-privacy-keeps-previous-grayed-out-settings-b-andreien
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'andreien'Link to Submitters Profile:https://hackerone.com/b'andreien' Report Title:b"'Request English versions of web pages for...
HackerOne Bug Bounty Disclosure: b-information-disclosure-pvt-gitlab-issue-disclosing-through-gitlab-unfiltered-youtube-channel-b-mrrajputhacker
Company Name: b'GitLab' Company HackerOne URL: https://hackerone.com/gitlab Submitted By:b'mrrajputhacker2'Link to Submitters Profile:https://hackerone.com/b'mrrajputhacker2' Report Title:b'Information Disclosure - Pvt Gitlab Issue Disclosing...
HackerOne Bug Bounty Disclosure: b-idor-authorization-bypass-in-lockreport-mutation-for-public-reports-b-verw-tch
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'0verw4tch'Link to Submitters Profile:https://hackerone.com/b'0verw4tch' Report Title:b'IDOR: Authorization Bypass in LockReport Mutation for...
