US-CERT Vulnerability Summary for the Week of May 22, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of...
Month: May 2023
Daily Threat Intelligence – May 31 – 2023
Looking at its wide user base, WordPress is a hotbed of attacks. Thanks to security experts for securing a bug...
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code...
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized...
6 Steps to Effectively Threat Hunting: Safeguard Critical Assets and Fight Cybercrime
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently...
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to...
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency...
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Black Basta Ransomware Victim: SLTAD_2
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
PikaBot C2 Detected – 45[.]154[.]24[.]57:2078
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
PikaBot C2 Detected – 132[.]148[.]79[.]222:2222
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
Implementing Risk-Based Vulnerability Discovery and Remediation
In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it...
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code...
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances...
RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at...
6 Steps to Effective Threat Hunting: Safeguard Critical Assets and Fight Cybercrime
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently...
Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium,...
LockBit 3.0 Ransomware Victim: fixscr[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: columbuscitizens[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: nycollege[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: credicoop[.]coop[.]py
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 175[.]178[.]174[.]131:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]140[.]247[.]133:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
