Daily Vulnerability Trends: Sat Sep 03 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-36804Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before...
OSINT
Samsung discloses a second data breach this year
Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After...
HIVE Ransomware Victim: Eurocell
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string...
The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals
The information-stealing malware Prynt Stealer contains a backdoor that allows stealing the data it has infiltrated from victims. Zscaler researchers...
LockBit 3.0 Ransomware Victim: peakinternational[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain
CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain CISA, the National Security Agency...
CISA: Mozilla Releases Security Update for Thunderbird
Mozilla Releases Security Update for Thunderbird Mozilla has released security update to address a vulnerability in Thunderbird. An attacker could...
Another Ransomware For Linux Likely In Development
Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team...
Experts link Raspberry Robin Malware to Evil Corp cybercrime gang
Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers...
Aced – Tool to parse and resolve a single targeted Active Directory principal’s DACL
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound...
Google Chrome issue allows overwriting the clipboard content
A security issue in the Google Chrome browser could allow malicious web pages to automatically overwrite clipboard content. A vulnerability...
Cobalt Stike Beacon Detected – 172[.]87[.]30[.]180:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]210[.]113[.]43:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]192[.]144[.]49:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Attack infrastructure used in Cisco hack linked to Evil Corp affiliate
Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm....
Daily Vulnerability Trends: Fri Sep 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2544The Ninja Job Board WordPress plugin before 1.3.3 does not protect the...
Researchers analyzed a new JavaScript skimmer used by Magecart threat actors
Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs...
Metaverse Broadband Infrastructure Security
The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for...
HIVE Ransomware Victim: NCG Medical
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA: CISA releases two Industrial Control Systems Advisories
CISA releases two Industrial Control Systems Advisories CISA has released two Industrial Control Systems (ICS) advisories on September 01, 2022....
Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal
The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen...
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials
Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter...
Autodeauth – A Tool Built To Automatically Deauth Local Networks
A tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x...
