Cobalt Strike Beacon Detected – 124[.]221[.]248[.]167:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[ABYSS] – Ransomware Victim: tolsa[.]com
Ransomware Group: ABYSS VICTIM NAME: tolsacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these...
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack...
CVE Alert: CVE-2024-20437
Vulnerability Summary: CVE-2024-20437 A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote...
CVE Alert: CVE-2024-20436
Vulnerability Summary: CVE-2024-20436 A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature...
CVE Alert: CVE-2024-20480
Vulnerability Summary: CVE-2024-20480 A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric...
CVE Alert: CVE-2024-20455
Vulnerability Summary: CVE-2024-20455 A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD)...
CVE Alert: CVE-2024-20434
Vulnerability Summary: CVE-2024-20434 A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial...
CVE Alert: CVE-2024-20475
Vulnerability Summary: CVE-2024-20475 A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could...
CVE Alert: CVE-2024-20464
Vulnerability Summary: CVE-2024-20464 A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an...
CVE Alert: CVE-2024-20510
Vulnerability Summary: CVE-2024-20510 A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers...
CVE Alert: CVE-2024-20467
Vulnerability Summary: CVE-2024-20467 A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could...
CVE Alert: CVE-2024-20465
Vulnerability Summary: CVE-2024-20465 A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial...
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting,...
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a...
CVE Alert: CVE-2024-20508
Vulnerability Summary: CVE-2024-20508 A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS...
CVE Alert: CVE-2024-20496
Vulnerability Summary: CVE-2024-20496 A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated,...
CVE Alert: CVE-2024-47315
Vulnerability Summary: CVE-2024-47315 Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1. Affected Endpoints: No...
CVE Alert: CVE-2024-8975
Vulnerability Summary: CVE-2024-8975 Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User...
CVE Alert: CVE-2024-8996
Vulnerability Summary: CVE-2024-8996 Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from...
CVE Alert: CVE-2024-47305
Vulnerability Summary: CVE-2024-47305 Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects...
CVE Alert: CVE-2024-47082
Vulnerability Summary: CVE-2024-47082 Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support...
CVE Alert: CVE-2024-46488
Vulnerability Summary: CVE-2024-46488 sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows...
