CACTUS Ransomware Victim: www[.]astrolighting[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
OSINT
CACTUS Ransomware Victim: www[.]orthumbau[.]de
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families...
Can we fix the weaknesses in password-based authentication?
In password-based authentication, end-users confirm their identity using login credentials, commonly a unique username, and a secret password. These credentials...
SickKids impacted by BORN Ontario data breach that hit 3.4 million
The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach...
New AtlasCross hackers use American Red Cross as phishing lure
A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor...
New ZeroFont phishing tricks Outlook into showing fake AV-scans
Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned...
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Openfire...
Sony investigates cyberattack as hackers fight over who’s responsible
Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for...
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and...
KnockKnock – Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a...
AtlasReaper – A Command-Line Tool For Reconnaissance And Targeted Write Operations On Confluence And Jira Instances
AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It...
8 Base Ransomware Victim: SUD TRADING COMPANY
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: WEBBER RESTAURANT GROUP
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Google is retiring its Gmail Basic HTML view in January 2024
Google is notifying Gmail users that the webmail's Basic HTML view will be deprecated in January 2024, and users will...
BORN Ontario child registry data breach affects 3.4 million people
The Better Outcomes Registry & Network (BORN), a healthcare organization funded by the government of Ontario, has announced that it is...
Xenomorph Android malware now targets U.S. banks and crypto wallets
Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the...
Mixin Network suspends operations following $200 million hack
Mixin Network, an open-source, peer-to-peer transactional network for digital assets, has announced today on Twitter that deposits and withdrawals are...
Brute Ratel C4 Detected – :
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the...
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed...
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based...
Webinar — AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are...
