Play Ransomware Victim: Point Dedicated Services
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: February 2023
HackerOne Bug Bounty Disclosure: mystery-with-a-leaked-token-and-reusability-of-email-confirmation-link-leading-to-account-takeoverbygokulsk
Programme HackerOne Sorare Sorare Submitted by gokulsk gokulsk Report Mystery with a leaked token and Reusability of email confirmation link...
HackerOne Bug Bounty Disclosure: tiktok-2fa-bypassbyamans
Programme HackerOne TikTok TikTok Submitted by amans amans Report TikTok 2FA Bypass Full Report A considerable amount of time and...
Cobalt Stike Beacon Detected – 154[.]12[.]35[.]140:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]63[.]91:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]102[.]120:8082
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]29[.]24[.]212:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]147[.]188:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]29[.]37[.]160:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Delta Electronics DX-2100L1-CN cross-site scripting | CVE-2023-0432
NAME__________Delta Electronics DX-2100L1-CN cross-site scriptingPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Delta Electronics DX-2100L1-CN is vulnerable to cross-site scripting, caused by improper validation...
Tenable tenable.io, tenable.sc and Nessus privilege escalation | CVE-2023-0524
NAME__________Tenable tenable.io, tenable.sc and Nessus privilege escalationPlatforms Affected:Tenable Network Security Nessus Tenable Tenable.io Tenable Tenable.scRisk Level:9.1Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Tenable tenable.io, tenable.sc...
TRENDnet TEW-652BRP command execution | CVE-2023-0611
NAME__________TRENDnet TEW-652BRP command executionPlatforms Affected:Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TRENDnet TEW-652BRP could allow a remote authenticated attacker to execute arbitrary...
Dell EMC PowerScale OneFS information disclosure | CVE-2023-22575
NAME__________Dell EMC PowerScale OneFS information disclosurePlatforms Affected:Risk Level:8.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC PowerScale OneFS could allow a remote authenticated attacker within...
femanager extension for TYPO3 security bypass | CVE-2023-25013
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
Mura CMS security bypass | CVE-2022-47003
NAME__________Mura CMS security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mura CMS could allow a remote attacker to bypass security restrictions, caused by...
Dell PowerProtect Data Domain appliance command execution | CVE-2023-23692
NAME__________Dell PowerProtect Data Domain appliance command executionPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dell PowerProtect Data Domain appliance could allow a remote authenticated...
SelfWealth iOS application default account | CVE-2023-23132
NAME__________SelfWealth iOS application default accountPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SelfWealth iOS application contains default hardcoded credentials. A remote attacker could exploit...
femanager extension for TYPO3 security bypass | CVE-2013-25014
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
SelfWealth iOS application security bypass | CVE-2023-23131
NAME__________SelfWealth iOS application security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SelfWealth iOS application could allow a remote attacker to bypass security restrictions,...
Zoho ManageEngine Support Center Plus command execution | CVE-2023-23076
NAME__________Zoho ManageEngine Support Center Plus command executionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zoho ManageEngine Support Center Plus could allow a remote attacker...
Masa CMS security bypass | CVE-2022-47002
NAME__________Masa CMS security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Masa CMS could allow a remote attacker to bypass security restrictions, caused by...
Dell EMC PowerScale OneFS information disclosure | CVE-2023-22574
NAME__________Dell EMC PowerScale OneFS information disclosurePlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC PowerScale OneFS could allow a remote authenticated attacker to...
Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry
 A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as...
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign
 A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in...
