CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
Month: April 2023
Royal Ransomware Victim: Clarke County Hospital
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Daily Threat Intelligence – April 28 – 2023
The abuse of Telegram has become a norm in the world of cybercrime. Of late, security researchers uncovered an unidentified...
New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS)...
Black Basta Ransomware Victim: restorationmanagement
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: Anton Paar
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Attention Online Shoppers: Don’t Be Fooled by Their Sleek, Modern Looks — It’s Magecart!
An ongoing Magecart campaign has attracted the attention of cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive...
ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection
A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have...
Why Your Detection-First Security Approach Isn’t Working
Stopping new and evasive threats is one of the greatest challenges in cybersecurity. This is among the biggest reasons why...
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited...
IBM Safer Payments denial of service | CVE-2023-27556
NAME__________IBM Safer Payments denial of servicePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 6.3.0.00 IBM Safer...
IBM Safter Payments information disclosure | CVE-2023-27557
NAME__________IBM Safter Payments information disclosurePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 6.3.0.00 IBM Safer Payments...
Trust Wallet Core security bypass | CVE-2023-31290
NAME__________Trust Wallet Core security bypassPlatforms Affected:Trust Wallet Trust Wallet Core 3.1.0Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Trust Wallet Core could allow a remote...
HCL Workload Automation information disclosure | CVE-2023-28008
NAME__________HCL Workload Automation information disclosurePlatforms Affected:HCL Software Workload Automation 9.4 HCL Software Workload Automation 9.5 HCL Software Workload Automation 10.1Risk...
Wp-Insert Plugin for WordPress cross-site scripting | CVE-2023-25461
NAME__________Wp-Insert Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Wp-Insert plugin for WordPress 2.5.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Wp-Insert Plugin for WordPress is vulnerable...
Service Location Protocol (SLP, RFC 2608) denial of service | CVE-2023-29552
NAME__________Service Location Protocol (SLP, RFC 2608) denial of servicePlatforms Affected:Risk Level:6.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Service Location Protocol (SLP, RFC 2608) is...
IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery | CVE-2023-30444
NAME__________IBM Watson Machine Learning on Cloud Pak for Data server-side request forgeryPlatforms Affected:IBM Watson Machine Learning on CP4D 4.0 IBM...
IBM Safer Payments denial of service | CVE-2020-4729
NAME__________IBM Safer Payments denial of servicePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 5.7.0.00 IBM Safer...
IBM DB2 for Linux, UNIX and Windows denial of service | CVE-2023-29255
NAME__________IBM DB2 for Linux, UNIX and Windows denial of servicePlatforms Affected:IBM DB2 for Linux UNIX and Windows 10.5 IBM DB2...
Podlove Subscribe button Plugin for WordPress cross-site scripting | CVE-2023-25479
NAME__________Podlove Subscribe button Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Podlove Subscribe button plugin for WordPress 1.3.7Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Podlove Subscribe...
IBM Maximo Asset Management information disclosure | CVE-2023-27860
NAME__________IBM Maximo Asset Management information disclosurePlatforms Affected:IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.3Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Maximo...
Prestashop information disclosure | CVE-2023-30545
NAME__________Prestashop information disclosurePlatforms Affected:PrestaShop PrestaShop 1.7.8.7 PrestaShop askforaquote module for PrestaShop 5.4.2Risk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Prestashop could allow a remote attacker...
Atom CMS SQL injection |
NAME__________Atom CMS SQL injectionPlatforms Affected:Atom CMS Atom CMS 2.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Atom CMS is vulnerable to SQL injection. A remote...
HCL Workload Automation information disclosure | CVE-2023-28009
NAME__________HCL Workload Automation information disclosurePlatforms Affected:HCL Software Workload Automation 9.4 HCL Software Workload Automation 9.5 HCL Software Workload Automation 10.1Risk...
