Apache Hadoop command execution | CVE-2021-25642
NAME Apache Hadoop command execution Platforms Affected:Apache Hadoop 3.0.0-alpha Apache Hadoop 2.9.0 Apache Hadoop 2.10.1 Apache Hadoop 3.3.0 Apache Hadoop...
Moveable Type, Moveable Type Premium, and Moveable Type Advanced command execution | CVE-2022-38078
NAME Moveable Type, Moveable Type Premium, and Moveable Type Advanced command execution Platforms Affected:Six Apart Moveable Type 7.1.4 Six Apart...
UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution | CVE-2022-35733
NAME UNIMO UDR-JA1004, UNIMO UDR-JA1008, and UNIMO UDR-JA1016 command execution Platforms Affected:UNIMO UDR-JA1004 1.0.20.13 UNIMO UDR-JA1008 1.0.20.13 UNIMO UDR-JA1016 1.0.20.13...
Elasticsearch Elastic Cloud Enterprise information disclosure | CVE-2022-23715
NAME Elasticsearch Elastic Cloud Enterprise information disclosure Platforms Affected:Elasticsearch Elastic Cloud Enterprise 3.3.0Risk Level:8.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Elasticsearch Elastic Cloud Enterprise...
0ktapus phishing campaign: Twilio hackers targeted other 136 organizations
The threat actors behind Twilio and Cloudflare attacks have been linked to a phishing campaign that targeted other 136 organizations. The threat actors...
Daily Vulnerability Trends: Fri Aug 26 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27925Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives...
LastPass data breach: threat actors stole a portion of source code
Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password...
HIVE Ransomware Victim: Altice International
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Cobalt Stike Beacon Detected – 45[.]204[.]1[.]25:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 176[.]113[.]83[.]83:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]178[.]41[.]176:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]55:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]13[.]63[.]137:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]181[.]54:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]37[.]173[.]172:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]227[.]252[.]236:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. If...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and...
LastPass Security Alert Compromised Development Area
LastPass have released the below statement regarding a compromise to the development environment. Dear valued customer,We are writing to inform...
CISA: CISA Adds Ten Known Exploited Vulnerabilities to Catalog
CISA Adds Ten Known Exploited Vulnerabilities to Catalog CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered...
HackerOne Bug Bounty Disclosure: default-login-credentials-on-https://broadbandmaps-mtn-com-gh/bytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report Default Login Credentials on https://broadbandmaps.mtn.com.gh/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: pause-based-desync-in-apache-httpdbyalbinowax
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by albinowax albinowax Report Pause-based desync in Apache HTTPD Full Report...
