Building automation giant Johnson Controls hit by ransomware attack
Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices,...
threatintel
Google fixes fifth actively exploited Chrome zero-day of 2023
Google has patched the fifth Chrome zero-day vulnerability exploited in attacks since the start of the year in emergency security...
SSH keys stolen by stream of malicious PyPI and npm packages
A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software...
US and Japan warn of Chinese hackers backdooring Cisco routers
US and Japanese law enforcement and cybersecurity agencies warn of the Chinese 'BlackTech' hackers breaching network devices to install custom...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
WMIExec – Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexec_scheduledjob.py Is...
Medusa Locker Ransomware Victim: LANDSTAR POWER ONTARIO INC
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Acoustic Center
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
LockBit 3.0 Ransomware Victim: cochraninc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
8 Base Ransomware Victim: Muenz-Engineered Sales
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
CACTUS Ransomware Victim: www[.]orthumbau[.]de
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
CACTUS Ransomware Victim: www[.]astrolighting[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families...
Can we fix the weaknesses in password-based authentication?
In password-based authentication, end-users confirm their identity using login credentials, commonly a unique username, and a secret password. These credentials...
SickKids impacted by BORN Ontario data breach that hit 3.4 million
The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach...
New AtlasCross hackers use American Red Cross as phishing lure
A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor...
Sony investigates cyberattack as hackers fight over who’s responsible
Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for...
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and...
New ZeroFont phishing tricks Outlook into showing fake AV-scans
Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned...
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Openfire...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
KnockKnock – Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a...
AtlasReaper – A Command-Line Tool For Reconnaissance And Targeted Write Operations On Confluence And Jira Instances
AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It...
8 Base Ransomware Victim: SUD TRADING COMPANY
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
