Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread...
Google Agrees to $93 Million Settlement in California’s Location-Privacy Lawsuit
Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations...
The Interdependence between Automated Threat Intelligence Collection and Humans
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are...
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the...
Akira Ransomware Victim: American Steel & Alu minum
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
AZ Mobile Software Color Phone App for Android security bypass | CVE-2023-42468
NAME__________AZ Mobile Software Color Phone App for Android security bypassPlatforms Affected:AZ Mobile Software Color Phone App for Android 2.1.8-2Risk Level:3.3Exploitability:UnprovenConsequences:Bypass...
Blackberry AtHoc Server cross-site scripting | CVE-2023-21523
NAME__________Blackberry AtHoc Server cross-site scriptingPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:4.7Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Blackberry AtHoc Server is vulnerable to cross-site scripting, caused...
N-able Take Control Agent security bypass | CVE-2023-27470
NAME__________N-able Take Control Agent security bypassPlatforms Affected:N-able Take Control Agent 7.0.41.1141Risk Level:7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________N-able Take Control Agent could allow a...
Blackberry AtHoc Server information disclosure | CVE-2023-21520
NAME__________Blackberry AtHoc Server information disclosurePlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Blackberry AtHoc Server could allow a remote attacker to...
SAP S/4HANA denial of service | CVE-2023-41369
NAME__________SAP S/4HANA denial of servicePlatforms Affected:SAP S/4HANA 100 SAP S/4HANA 101 SAP S/4HANA 102 SAP S/4HANA 103 SAP S/4HANA 104...
Blackberry AtHoc Server SQL injection | CVE-2023-21521
NAME__________Blackberry AtHoc Server SQL injectionPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Blackberry AtHoc Server is vulnerable to SQL injection. A...
Microsoft Windows TCP/IP denial of service | CVE-2023-38149
NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Blackberry AtHoc Server cross-site scripting | CVE-2023-21522
NAME__________Blackberry AtHoc Server cross-site scriptingPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Blackberry AtHoc Server is vulnerable to cross-site scripting, caused...
SAP S/4HANA open redirect | CVE-2023-40306
NAME__________SAP S/4HANA open redirectPlatforms Affected:SAP S/4HANA S4CORE 103 SAP S/4HANA S4CORE 104 SAP S/4HANA S4CORE 105 SAP S/4HANA S4CORE 106Risk...
Lenovo XClarity Controller (XCC) privilege escalation | CVE-2023-4607
NAME__________Lenovo XClarity Controller (XCC) privilege escalationPlatforms Affected:Lenovo XClarity Controller (XCC)Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Lenovo XClarity Controller (XCC) could allow a remote...
Awesome Weather Widget Plugin for WordPress cross-site scripting | CVE-2023-4944
NAME__________Awesome Weather Widget Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Awesome Weather Widget plugin for WordPress 3.0.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Awesome Weather...
Lenovo XClarity Controller (XCC) security bypass | CVE-2023-4606
NAME__________Lenovo XClarity Controller (XCC) security bypassPlatforms Affected:Lenovo XClarity Controller (XCC)Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Lenovo XClarity Controller (XCC) could allow a remote...
Microsoft Windows TCP/IP information disclosure | CVE-2023-38160
NAME__________Microsoft Windows TCP/IP information disclosurePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
Fortinet FortiWeb code execution | CVE-2023-34984
NAME__________Fortinet FortiWeb code executionPlatforms Affected:Fortinet FortiWeb 7.0.0 Fortinet FortiWeb 6.4 Fortinet FortiWeb 7.0.6 Fortinet FortiWeb 7.2.0 Fortinet FortiWeb 7.2.1 Fortinet...
Trellix Data Loss Prevention for Windows privilege escalation | CVE-2023-4814
NAME__________Trellix Data Loss Prevention for Windows privilege escalationPlatforms Affected:Trellix Data Loss Prevention for Windows 11.10Risk Level:7.1Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Trellix Data Loss...
Fortinet FortiManager and FortiAnalyzer information disclosure | CVE-2023-36638
NAME__________Fortinet FortiManager and FortiAnalyzer information disclosurePlatforms Affected:Fortinet FortiManager VM 6.2.0 Fortinet FortiManager 7.0.0 Fortinet FortiManager 6.4.0 Fortinet FortiManager 7.2.0 Fortinet...
Proofpoint Insider Threat Management cross-site scripting | CVE-2023-4802
NAME__________Proofpoint Insider Threat Management cross-site scriptingPlatforms Affected:Proofpoint Insider Threat Management Server 7.11.0 Proofpoint Insider Threat Management Server 7.10.2 Proofpoint Insider...
Palo Alto Networks Cortex XDR Agent denial of service | CVE-2023-3280
NAME__________Palo Alto Networks Cortex XDR Agent denial of servicePlatforms Affected:Palo Alto Networks Cortex XDR Agent 5.0 Palo Alto Networks Cortex...
Fortinet FortiTester information disclosure | CVE-2023-40717
NAME__________Fortinet FortiTester information disclosurePlatforms Affected:Fortinet FortiTester 7.2 Fortinet FortiTester 7.1 Fortinet FortiTester 7.0 Fortinet FortiTester 4.2 Fortinet FortiTester 4.1 Fortinet...
