Qakbot operations continue to evolve to avoid detection
Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection....
Year: 2022
BlackCat/ALPHV Ransomware Victim: duda[.]com
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
HackerOne Bug Bounty Disclosure: stored-xss-for-grafana-dashboard-urlbyxanbanx
Programme HackerOne GitLab GitLab Submitted by xanbanx xanbanx Report Stored XSS for Grafana dashboard URL Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: [cve-2021-44228]-nps-acronis-com-is-vulnerable-to-the-recent-log4shell-0-daybyrhinestonecowboy
Programme HackerOne Acronis Acronis Submitted by rhinestonecowboy rhinestonecowboy Report nps.acronis.com is vulnerable to the recent log4shell 0-day Full Report A...
HackerOne Bug Bounty Disclosure: one-click-xss-in-[www-shopify-com]bycomwrg
Programme HackerOne Shopify Shopify Submitted by comwrg comwrg Report One Click XSS in Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: undici-does-not-use-connect-or-otherwise-validate-upstream-https-certificates-when-using-a-proxybypimterry
Programme HackerOne Node.js Node.js Submitted by pimterry pimterry Report Undici does not use CONNECT or otherwise validate upstream HTTPS certificates...
HackerOne Bug Bounty Disclosure: cve-2021-40438-on-cp-eu2-acronis-combysavik
Programme HackerOne Acronis Acronis Submitted by savik savik Report CVE-2021-40438 on cp-eu2.acronis.com Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: undici-proxyagent-vulnerable-to-mitmbypimterry
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by pimterry pimterry Report Undici ProxyAgent vulnerable to MITM Full Report...
HackerOne Bug Bounty Disclosure: rubygems-org-batching-attack-to-`confirmation_token`-by-bypass-rate-limitbyooooooo_q
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by ooooooo_q ooooooo_q Report rubygems.org Batching attack to `confirmation_token` by bypass...
HIVE Ransomware Victim: SANDO
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: RTVCM
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: Exela Technologies
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: AdaptIT
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: Authentic Brands Group
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: APETITO
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: GROUP4 AUSTRALIA
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Three UEFI Firmware flaws found in tens of Lenovo Notebook models
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product...
Bypass-Url-Parser – Tool That Tests Many URL Bypasses To Reach A 40X Protected Page
Tool that tests MANY url bypasses to reach a 40X protected page. If you wonder why this code is nothing...
Cobalt Stike Beacon Detected – 81[.]68[.]122[.]239:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]75[.]33[.]64:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]110[.]90[.]89:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 152[.]89[.]252[.]108:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Insecure password leads to Mangatoon data breach
The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user...
PyPI starts rolling out required 2FA for important projects
The Python Package Index (PyPI) says it has begun rolling out a two-factor authentication (2FA) requirement which enforces maintainers of...
