CISA: CISA and NSA Release New Guidance on Identity and Access Management
CISA and NSA Release New Guidance on Identity and Access Management Today, CISA and the National Security Agency (NSA) published...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Atlassian Releases Security Advisory for Confluence Data Center and Server
Atlassian Releases Security Advisory for Confluence Data Center and Server Atlassian released a security advisory to address a vulnerability affecting...
CISA: NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations
NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These...
Posh C2 Detected – 198[.]37[.]103[.]67:6443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
Dissect – Digital Forensics, Incident Response Framework And Toolset That Allows You To Quickly Access And Analyse Forensic Artefacts From Various Disk And File Formats
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic...
HackerOne Bug Bounty Disclosure: b-mysupport-informatica-com-reflected-xss-b-mtk
Company Name: b'Informatica' Company HackerOne URL: https://hackerone.com/informatica Submitted By:b'mtk0308'Link to Submitters Profile:https://hackerone.com/b'mtk0308' Report Title:b' - reflected XSS'Report Link:https://hackerone.com/reports/39069Date Submitted:05 October...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign...
QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing...
Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now
Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server...
Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack
A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity,...
Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a...
Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw
Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said...
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV)...
GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries
A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims'...
Akira Ransomware Victim: Gruskin Group
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
IBM FileNet Content Manager cross-site scripting | CVE-2023-35905
NAME__________IBM FileNet Content Manager cross-site scriptingPlatforms Affected:IBM FileNet Content Manager 5.5.8 IBM FileNet Content Manager 5.5.10 IBM FileNet Content Manager...
IBM Disconnected Log Collector information disclosure | CVE-2022-22447
NAME__________IBM Disconnected Log Collector information disclosurePlatforms Affected:IBM Disconnected Log Collector 1.0 IBM Disconnected Log Collector 1.8.2Risk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Disconnected...
Images Slideshow by 2J plugin for WordPress cross-site scripting | CVE-2023-44242
NAME__________Images Slideshow by 2J plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Images Slideshow by 2J plugin for WordPress 1.3.54 WordPress Images...
phpMyFAQ cross-site scripting | CVE-2023-5320
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:phpMyFAQ phpMyFAQ 2.9.0 phpMyFAQ phpMyFAQ 2.9.6 phpMyFAQ phpMyFAQ 2.9.8 phpMyFAQ phpMyFAQ 2.9.9 phpMyFAQ phpMyFAQ 2.9.10 phpMyFAQ phpMyFAQ...
