CISA: DoS and DDoS Attacks against Multiple Sectors
DoS and DDoS Attacks against Multiple Sectors CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service...
Month: June 2023
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing...
Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign
An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
WhatsApp Upgrades Proxy Feature Against Internet Shutdowns
Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can...
Akira Ransomware Victim: Nycon
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Hospitality Staffing Solutions
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: LCG company (URGENT! )
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: amepl[.]com[.]au
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: tsmc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 162[.]19[.]68[.]68:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]192[.]16[.]196:9998
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]9[.]134[.]16:1111
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]28[.]25:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]21[.]153[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]36[.]81[.]223:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Subscribe2 plugin for WordPress cross-site request forgery | CVE-2023-3407
NAME__________Subscribe2 plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Subscribe2 Plugin WordPress 10.41Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Subscribe2 plugin for WordPress is vulnerable...
Salon Booking System plugin for WordPress cross-site request forgery | CVE-2023-3427
NAME__________Salon Booking System plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Salon Booking System Plugin WordPress 8.4.6Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Salon Booking...
jgraph/drawio denial of service | CVE-2023-3398
NAME__________jgraph/drawio denial of servicePlatforms Affected:jgraph drawio 18.1.3Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________jgraph/drawio is vulnerable to a denial of service, caused by...
Ruby on Rails redirect_to method cross-site scripting | CVE-2023-28362
NAME__________Ruby on Rails redirect_to method cross-site scriptingPlatforms Affected:Ruby on Rails Ruby on Rails 6.1.7.3 Ruby on Rails Ruby on Rails...
Xenforo cross-site scripting |
NAME__________Xenforo cross-site scriptingPlatforms Affected:Xenforo Xenforo 2.2.13Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Xenforo is vulnerable to multiple cross-site scripting, caused by improper validation of...
Traggo Server directory traversal | CVE-2023-34843
NAME__________Traggo Server directory traversalPlatforms Affected:Traggo Server 0.3.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Traggo Server could allow a remote attacker to traverse directories on...
