LockBit 2.0 Ransomware Victim: aref[.]government[.]bg
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: May 2022
LockBit 2.0 Ransomware Victim: nizing[.]com[.]tw
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Cliam – Multi Cloud IAM Permissions Enumeration Tool
Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP Azure Oracle Description Cliam is a simple cloud permissions identifier....
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities in Firefox and...
CISA: F5 Releases Security Advisories Addressing Multiple Vulnerabilities
F5 Releases Security Advisories Addressing Multiple Vulnerabilities F5 has released security advisories on vulnerabilities affecting multiple products, including various versions...
Unfixed vulnerability in popular library puts IoT products at risk
Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA Adds Five Known Exploited Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
8 security tips for small businesses
Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have...
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked...
Experts linked multiple ransomware strains North Korea-backed APT38 group
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on...
LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP
LDAPFragger is a Command and Control tool that enables attackers to route From network segment A, run LDAPFragger --cshost <Cobalt...
Fake Cyberpunk Ape Executives target artists with malware-laden job offer
The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware,...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
An expert shows how to stop popular ransomware samples via DLL hijacking
A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John...
Apple macOS Monterey 12.3-CVE-2022-22616
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:highCVE Type:Unspecified DESCRIPTION CVE-2022-22616 is an unspecified vulnerability impacting Apple macOS Monterey versions 12.2.1...
Linux Kernel security update-CVE-2022-28796
NAME Linux Kernel Organization - Linux Kernel Platforms Affected:Linux KernelRisk Level:lowCVE Type:Use after free DESCRIPTION CVE-2022-28796 is a use after...
Mozilla Firefox code execution | CVE-2022-29918
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 99Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
Mozilla Firefox code execution | CVE-2022-29917
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 99 Mozilla Firefox ESR 91.8Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow...
Multiple TRUMPF TruTops products security bypass | CVE-2022-1300
NAME Multiple TRUMPF TruTops products security bypass Platforms Affected:TRUMPF TruTops Boost 13.05 TRUMPF TruTops Boost 13.08.21 TRUMPF TruTops Fab 22.05...
OpenSSL command execution | CVE-2022-1292
NAME OpenSSL command execution Platforms Affected:OpenSSL OpenSSL 1.0.2 OpenSSL OpenSSL 1.1.1 OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.0.1 OpenSSL OpenSSL 3.0.2...
