Dark Web Markets Offer New FraudGPT AI Tool
Cybersecurity experts have identified a new AI tool called “FraudGPT,” circulating on the Dark Web and Telegram channels since July 22 2023. FraudGPT...
Month: July 2023
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078
Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
BreachForums – 212,156 breached accounts
HIBP In November 2022, the well-known hacking forum "BreachForums" was itself, breached. Later the following year, the operator of the...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
HackerOne Bug Bounty Disclosure: b-csrf-in-seller-us-tiktok-com-profile-account-setting-delegation-login-b-eye
Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'eye_'Link to Submitters Profile:https://hackerone.com/b'eye_' Report Title:b'CSRF in seller-us.tiktok.com/profile/account-setting/delegation-login 'Report Link:https://hackerone.com/reports/2002352Date Submitted:26 July...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
Akira Ransomware Victim: Becht Engineering
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: selmi[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
GNOME librsvg directory traversal | CVE-2023-38633
NAME__________GNOME librsvg directory traversalPlatforms Affected:GNOME librsvg 2.56.2Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GNOME librsvg could allow a remote attacker to traverse directories on...
Weaver e-cology SQL injection | CVE-2023-3793
NAME__________Weaver e-cology SQL injectionPlatforms Affected:Weaver e-cology 10.57Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Weaver e-cology is vulnerable to SQL injection. A remote attacker could...
Indico cross-site scripting | CVE-2023-37901
NAME__________Indico cross-site scriptingPlatforms Affected:Indico Indico 3.2.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Indico is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
EyouCMS information disclosure | CVE-2023-37645
NAME__________EyouCMS information disclosurePlatforms Affected:EyouCMS EyouCMS 1.6.3Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________EyouCMS could allow a remote attacker to obtain sensitive information, caused by...
MobiSystems Office Suite cross-site scripting | CVE-2023-38617
NAME__________MobiSystems Office Suite cross-site scriptingPlatforms Affected:MobiSystems Office Suite Premium 10.9.1.42602Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MobiSystems Office Suite is vulnerable to cross-site scripting,...
IceWarp Icearp cross-site scripting | CVE-2023-37728
NAME__________IceWarp Icearp cross-site scriptingPlatforms Affected:IceWarp Icearp 10.2.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IceWarp Icearp is vulnerable to cross-site scripting, caused by improper validation...
Bug Finder ChainCity Real Estate Investment Platform SQL injection | CVE-2023-3795
NAME__________Bug Finder ChainCity Real Estate Investment Platform SQL injectionPlatforms Affected:Bug Finder ChainCity Real Estate Investment Platform 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Bug...