US-CERT Vulnerability Summary for the Week of August 7, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...
threatintel
Bryobio – NETWORK Pcap File Analysis
NETWORK Pcap File Analysis, It was developed to speed up the processes of SOC Analysts during analysis Tested OK DebianOK...
CISA: Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS
Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS Juniper has released a security advisory to address vulnerabilities in...
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
A new "mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect...
14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown
A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced...
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats)...
Google Chrome’s New Feature Alerts Users About Auto-Removal of Malicious Extensions
Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert...
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds...
Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech support scams
Back in January 2020, we blogged about a tech support scam campaign dubbed WoofLocker that was by far using the...
Akira Ransomware Victim: RIMSS
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks
Lax policies for package naming on Microsoft’s PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular...
Hackers ask $120,000 for access to multi-billion auction house
Hackers claim to have breached the network of a major auction house and offered access to whoever was willing to...
Phishing campaign steals accounts for Zimbra email servers worlwide
An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration...
Triple Extortion Ransomware and the Cybercrime Supply Chain
Ransomware attacks continue to grow both in sophistication and quantity. 2023 has already seen more ransomware attacks involving data exfiltration...
Thousands of Android APKs use compression trick to thwart analysis
Threat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression...
iMenu360 – 3,425,860 breached accounts
HIBP In approximately late 2022, 3.4M customer records from iMenu360 ("The world's #1 most trusted online ordering platform") were exposed....
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security
A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege...
CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 15, 2023. These...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...
CISA: CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan Today, CISA released the Remote Monitoring and Management (RMM)...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These...
