Cobalt Strike Beacon Detected – 121[.]43[.]227[.]196:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 45[.]182[.]189[.]105:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]43[.]166[.]60:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 103[.]96[.]75[.]73:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[FUNKSEC] – Ransomware Victim: forum-rainbow-rp[.]forumotion[.]eu
Ransomware Group: FUNKSEC VICTIM NAME: forum-rainbow-rpforumotioneu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CACTUS] – Ransomware Victim: mgainnovation[.]com
Ransomware Group: CACTUS VICTIM NAME: mgainnovationcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-12510
Vulnerability Summary: CVE-2024-12510 If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires...
CVE Alert: CVE-2024-57967
Vulnerability Summary: CVE-2024-57967 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges...
CVE Alert: CVE-2024-56161
Vulnerability Summary: CVE-2024-56161 Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator...
CVE Alert: CVE-2024-54840
Vulnerability Summary: CVE-2024-54840 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address...
CVE Alert: CVE-2024-57175
Vulnerability Summary: CVE-2024-57175 A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via...
CVE Alert: CVE-2024-12511
Vulnerability Summary: CVE-2024-12511 With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires...
CVE Alert: CVE-2024-12859
Vulnerability Summary: CVE-2024-12859 The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
CVE Alert: CVE-2024-11132
Vulnerability Summary: CVE-2024-11132 The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to,...
CVE Alert: CVE-2024-11133
Vulnerability Summary: CVE-2024-11133 The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability...
CVE Alert: CVE-2024-11134
Vulnerability Summary: CVE-2024-11134 The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability...
[CACTUS] – Ransomware Victim: rashtiandrashti[.]com
Ransomware Group: CACTUS VICTIM NAME: rashtiandrashticom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CACTUS] – Ransomware Victim: cornwelltools[.]com
Ransomware Group: CACTUS VICTIM NAME: cornwelltoolscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: alojaimi[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: alojaimicom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: heartlandrvs[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: heartlandrvscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: gaheritagefcu[.]org
Ransomware Group: RANSOMHUB VICTIM NAME: gaheritagefcuorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]aswgr[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: wwwaswgrcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-56946
Vulnerability Summary: CVE-2024-56946 Denial of service in DNS-over-QUIC in Technitium DNS Server
CVE Alert: CVE-2024-57968
Vulnerability Summary: CVE-2024-57968 Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that...
