CVE Alert: CVE-2024-41592
Vulnerability Summary: CVE-2024-41592 DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles...
CVE Alert: CVE-2024-41584
Vulnerability Summary: CVE-2024-41584 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation...
CVE Alert: CVE-2024-43699
Vulnerability Summary: CVE-2024-43699 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may...
CVE Alert: CVE-2024-45367
Vulnerability Summary: CVE-2024-45367 The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead...
CVE Alert: CVE-2024-41925
Vulnerability Summary: CVE-2024-41925 The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user...
CVE Alert: CVE-2024-9266
Vulnerability Summary: CVE-2024-9266 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the...
CVE Alert: CVE-2024-42417
Vulnerability Summary: CVE-2024-42417 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may...
[KILLSEC] – Ransomware Victim: bbgc[.]gov[.]bd
Ransomware Group: KILLSEC VICTIM NAME: bbgcgovbd NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Unlocking the Secrets of Cryptographic Protocols
Cryptographic protocols lie at the heart of securing communications in our increasingly digital world. From online banking to secure messaging...
Phishing Attacks Surge: Attackers Bypass Security Measures with New Tactics
Phishing attacks are on the rise, with a remarkable 28% increase observed in Q2 2024 compared to the previous quarter....
FIN7 Gang Exploits AI Deepfake Sites to Spread Malware
The FIN7 gang is exploiting AI deepfake sites to deceive users into downloading malware, according to a recent report by...
Crypto-Doubling Scams Exploit Recent Presidential Debate Insights
In the wake of the recent presidential debate, a concerning rise in crypto-doubling scams has emerged, as security researchers alert...
Litespeed Cache Plugin Vulnerability: Immediate Update Required to Prevent XSS Attack
A recently discovered vulnerability in the Litespeed Cache plugin poses serious security risks, allowing attackers to execute unauthorized actions on...
CeranaKeeper: A Growing Cyber Threat to Thai Government Networks
CeranaKeeper has been discovered as a significant threat group targeting Thai government institutions. This newly identified faction engages in sophisticated...
Cybersecurity Spending Increases, Yet Leaders Still Report Vulnerability
Despite an increase in cybersecurity budgets, many security leaders feel vulnerable in the evolving threat landscape, according to Red Canary's...
Northern Ireland Police Data Leak Results in £750,000 Fine from ICO
The recent data leak involving the Police Service of Northern Ireland has raised significant concerns regarding procedural failings that exposed...
Microsoft and US Government Disrupt Star Blizzard Operations to Protect US Elections
In a landmark operation, Microsoft, in conjunction with the US government, has taken decisive action against the Russian threat actor...
[HUNTERS] – Ransomware Victim: CobelPlast
Ransomware Group: HUNTERS VICTIM NAME: CobelPlast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 47[.]115[.]74[.]19:10001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 116[.]62[.]70[.]252:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-47611
Vulnerability Summary: CVE-2024-47611 XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or...
CVE Alert: CVE-2024-47612
Vulnerability Summary: CVE-2024-47612 DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically,...
CVE Alert: CVE-2024-47807
Vulnerability Summary: CVE-2024-47807 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an...
CVE Alert: CVE-2024-47806
Vulnerability Summary: CVE-2024-47806 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an...
