Daily Vulnerability Trends: Tue Jul 25 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-38408The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently...
OSINT
How is the Dark Web Reacting to the AI Revolution?
A quick search for “ChatGPT” on the dark web and Telegram shows 27,912 mentions in the past six months. Much...
Norwegian government IT systems hacked using zero-day flaw
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited...
Zenbleed attack leaks sensitive data from AMD Zen2 processors
Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to...
Ivanti patches MobileIron zero-day bug exploited in attacks
US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management...
Flipper Zero now has an app store to install third-party apps
The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party...
JumpCloud hack linked to North Korea after OPSEC mistake
A hacking unit of North Korea's Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made...
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for...
Tigo – 700,394 breached accounts
HIBP In Mid-2023, 300GB of data containing over 100M records from the Chinese video chat platform "Tigo" dating back to...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion(link is...
CISA: Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix Releases Security Updates for NetScaler ADC and Gateway Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078
Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
LockBit 3.0 Ransomware Victim: ebpsupply[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
8 Base Ransomware Victim: EJM Engineered Systems
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: Exbon Development, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Daily Vulnerability Trends: Mon Jul 24 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-3519Unauthenticated remote code execution CVE-2023-34960 No description provided CVE-2023-38408The PKCS#11 feature in...
CISA warns govt agencies to patch Adobe ColdFusion servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on...
