OSINT

CVE Alert: CVE-2024-41596

October 4, 2024

Vulnerability Summary: CVE-2024-41596 Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of...

CVE Alert: CVE-2024-7826

October 4, 2024

Vulnerability Summary: CVE-2024-7826 Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM,...

CVE Alert: CVE-2024-47762

October 4, 2024

Vulnerability Summary: CVE-2024-47762 Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example...

CVE Alert: CVE-2024-41595

October 4, 2024

Vulnerability Summary: CVE-2024-41595 DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of...

CVE Alert: CVE-2024-7825

October 4, 2024

Vulnerability Summary: CVE-2024-7825 Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows,...

[DRAGONFORCE] – Ransomware Victim: Lyomark Pharma

October 4, 2024

Ransomware Group: DRAGONFORCE VICTIM NAME: Lyomark Pharma NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[CICADA3301] – Ransomware Victim: Conductive Containers, Inc

October 4, 2024

Ransomware Group: CICADA3301 VICTIM NAME: Conductive Containers, Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...

CVE Alert: CVE-2024-41592

October 4, 2024

Vulnerability Summary: CVE-2024-41592 DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles...

CVE Alert: CVE-2024-41586

October 4, 2024

Vulnerability Summary: CVE-2024-41586 A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute...

CVE Alert: CVE-2024-41583

October 4, 2024

Vulnerability Summary: CVE-2024-41583 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due...

CVE Alert: CVE-2024-41589

October 4, 2024

Vulnerability Summary: CVE-2024-41589 DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests. Affected Endpoints: No affected endpoints listed....

CVE Alert: CVE-2024-41584

October 4, 2024

Vulnerability Summary: CVE-2024-41584 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation...

CVE Alert: CVE-2024-9266

October 4, 2024

Vulnerability Summary: CVE-2024-9266 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the...

CVE Alert: CVE-2024-41925

October 4, 2024

Vulnerability Summary: CVE-2024-41925 The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user...

CVE Alert: CVE-2024-45367

October 4, 2024

Vulnerability Summary: CVE-2024-45367 The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead...

CVE Alert: CVE-2024-43699

October 4, 2024

Vulnerability Summary: CVE-2024-43699 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may...

CVE Alert: CVE-2024-42417

October 4, 2024

Vulnerability Summary: CVE-2024-42417 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may...

[KILLSEC] – Ransomware Victim: bbgc[.]gov[.]bd

October 4, 2024

Ransomware Group: KILLSEC VICTIM NAME: bbgcgovbd NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[HUNTERS] – Ransomware Victim: CobelPlast

October 4, 2024

Ransomware Group: HUNTERS VICTIM NAME: CobelPlast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Cobalt Strike Beacon Detected – 116[.]62[.]70[.]252:443

October 4, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 47[.]115[.]74[.]19:10001

October 4, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2024-33210

October 4, 2024

Vulnerability Summary: CVE-2024-33210 A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to...

CVE Alert: CVE-2024-47806

October 4, 2024

Vulnerability Summary: CVE-2024-47806 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an...

CVE Alert: CVE-2024-47807

October 4, 2024

Vulnerability Summary: CVE-2024-47807 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an...

OSINT

CVE Alert: CVE-2024-41596

CVE Alert: CVE-2024-7826

CVE Alert: CVE-2024-47762

CVE Alert: CVE-2024-41595

CVE Alert: CVE-2024-7825

[DRAGONFORCE] – Ransomware Victim: Lyomark Pharma

[CICADA3301] – Ransomware Victim: Conductive Containers, Inc

CVE Alert: CVE-2024-41592

CVE Alert: CVE-2024-41586

CVE Alert: CVE-2024-41583

CVE Alert: CVE-2024-41589

CVE Alert: CVE-2024-41584

CVE Alert: CVE-2024-9266

CVE Alert: CVE-2024-41925

CVE Alert: CVE-2024-45367

CVE Alert: CVE-2024-43699

CVE Alert: CVE-2024-42417

[KILLSEC] – Ransomware Victim: bbgc[.]gov[.]bd

[HUNTERS] – Ransomware Victim: CobelPlast

Cobalt Strike Beacon Detected – 116[.]62[.]70[.]252:443

Cobalt Strike Beacon Detected – 47[.]115[.]74[.]19:10001

CVE Alert: CVE-2024-33210

CVE Alert: CVE-2024-47806

CVE Alert: CVE-2024-47807

[MEDUSA] – Ransomware Victim: Aldagi

[DRAGONFORCE] – Ransomware Victim: The Smile Spa

[DRAGONFORCE] – Ransomware Victim: Grupo DIRIA

[QILIN] – Ransomware Victim: Weathercraft Companies

CVE Alert: CVE-2025-9526 – Linksys – E1700

You may have missed