Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to...
Where from, Where to — The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone...
Daily Threat Intelligence – June 14 – 2023
A new case of an impersonation attack emerged in the last 24 hours. Cybercriminals were found mimicking cybersecurity researchers on...
CISA: CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit
CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit Today, CISA, the Federal Bureau of Investigation (FBI),...
Severe Vulnerabilities Reported in Microsoft Azure Bastion and Container Registry
Two "dangerous" security vulnerabilities have been disclosed in Microsoft Azure Bastion and Azure Container Registry that could have been exploited...
Where from, Where to — The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone...
Where from, Where to — The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone...
Webinar – Mastering API Security: Understanding Your True Attack Surface
Believe it or not, your attack surface is expanding faster than you realize. How? APIs, of course! More formally known...
Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits
At least half of dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing...
Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin
A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure...
New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new...
LockBit 3.0 Ransomware Victim: nosm[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: rammutual[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gslelectric[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: eriematerials[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: prioritydispatch[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 194[.]50[.]153[.]114:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
D-Link DIR-600 command execution | CVE-2023-33625
NAME__________D-Link DIR-600 command executionPlatforms Affected:D-Link DIR-600 B5 2.18Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________D-Link DIR-600 could allow a remote attacker to execute arbitrary...
D-Link DIR-600 buffer overflow | CVE-2023-33626
NAME__________D-Link DIR-600 buffer overflowPlatforms Affected:D-Link DIR-600 B5 2.18Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________D-Link DIR-600 is vulnerable to a stack-based buffer overflow, caused...
WP Register Profile With Shortcode plugin for WordPress cross-site scripting | CVE-2023-23818
NAME__________WP Register Profile With Shortcode plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP Register Profile With Shortcode Plugin for WordPress 3.5.7Risk...
Linux Kernel denial of service | CVE-2023-3161
NAME__________Linux Kernel denial of servicePlatforms Affected:Linux Kernel 6.2 Linux Kernel 6.3.0 Linux Kernel 6.4-rc5Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Linux Kernel is...
AMI BMC code execution | CVE-2023-34341
NAME__________AMI BMC code executionPlatforms Affected:AMI MegaRAC SPX 12 AMI MegaRAC SPX 13Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI BMC could allow a remote...
WP Directory Kit plugin for WordPress security bypass | CVE-2023-2351
NAME__________WP Directory Kit plugin for WordPress security bypassPlatforms Affected:WordPress WP Directory Kit Plugin for WordPress 1.2.2Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________WP Directory...
Fortinet FortiOS and FortiProxy information disclosure | CVE-2022-41327
NAME__________Fortinet FortiOS and FortiProxy information disclosurePlatforms Affected:Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy 7.2.0 Fortinet FortiProxy...
