Month: July 2023

CISA

CISA: Juniper Releases Multiple Security Updates for Juno OS

July 18, 2023

Juniper Releases Multiple Security Updates for Juno OS Juniper has released updates to address multiple vulnerabilities in Juno OS(link is...

CISA

CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

July 18, 2023

CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online The Cybersecurity and Infrastructure...

CISA

CISA: CISA Releases Nine Industrial Control Systems Advisories

July 18, 2023

CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on July 13, 2023. These...

CISA

CISA: CISA Develops Factsheet for Free Tools for Cloud Environments

July 18, 2023

CISA Develops Factsheet for Free Tools for Cloud Environments CISA has developed and published a factsheet, Free Tools for Cloud...

CISA

CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing

July 18, 2023

NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing Today, the National Security Agency (NSA) and CISA published...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

July 18, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: Cisco Releases Security Update for SD-WAN vManage API

July 18, 2023

Cisco Releases Security Update for SD-WAN vManage API Cisco has released a security update to address a critical vulnerability affecting...

CISA

CISA: CISA Adds Two Known Vulnerabilities to Catalog

July 18, 2023

CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

News

US-CERT Vulnerability Summary for the Week of July 3, 2023

July 17, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...

CISA

CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing

July 17, 2023

NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing Today, the National Security Agency (NSA) and CISA published...

HackerOne Bug Bounty Disclosure: an-idor-that-can-lead-to-enumeration-of-a-user-and-disclosure-of-email-and-phone-number-within-cashier-miquinho

July 17, 2023

Company Name: Unikrn Company HackerOne URL: https://hackerone.com/unikrn Submitted By:miquinhoLink to Submitters Profile:https://hackerone.com/miquinho Report Title:An IDOR that can lead to enumeration...

HackerOne Bug Bounty Disclosure: subscription-check-bypass-of-nordvpn-service-tlsh

July 17, 2023

Company Name: Nord Security Company HackerOne URL: https://hackerone.com/nordsecurity Submitted By:tlsh1Link to Submitters Profile:https://hackerone.com/tlsh1 Report Title:Subscription check bypass of NordVPN serviceReport...

CISA

Month: July 2023

CISA: Juniper Releases Multiple Security Updates for Juno OS

CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Develops Factsheet for Free Tools for Cloud Environments

CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Cisco Releases Security Update for SD-WAN vManage API

CISA: CISA Adds Two Known Vulnerabilities to Catalog

US-CERT Vulnerability Summary for the Week of July 3, 2023

CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing

HackerOne Bug Bounty Disclosure: an-idor-that-can-lead-to-enumeration-of-a-user-and-disclosure-of-email-and-phone-number-within-cashier-miquinho

HackerOne Bug Bounty Disclosure: subscription-check-bypass-of-nordvpn-service-tlsh

CISA: CISA Develops Factsheet for Free Tools for Cloud Environments

Akira Ransomware Victim: 4LEAF, Inc

LockBit 3.0 Ransomware Victim: test[.]com

Health Tech Vendor to Pay $31m After Kickback Allegations

Acting White House Cyber Director Withdraws Nomination

EU Urged to Prepare for Quantum Cyber-Attacks

Russian Charged with Tech Smuggling and Money Laundering

Fewer Than 100 Scammers Responsible For Global Email Extortion

US on Track For Record Number of Data Breaches

White House Publishes Plan to Implement US National Cybersecurity Strategy

Mandiant Unveils Russian GRU’s Cyber Playbook Against Ukraine

[APT73] – Ransomware Victim: gureco[.]pl

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

[INCRANSOM] – Ransomware Victim: IPE Engwicht

[HUNTERS] – Ransomware Victim: Aeris Energy

[HUNTERS] – Ransomware Victim: Jones & Mayer

You may have missed