Shutterfly says Clop ransomware attack did not impact customer data
Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months,...
Month: July 2023
BreachForums owner Pompompurin pleads guilty to hacking charges
Conor Brian Fitzpatrick, aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to hacking...
WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext...
Rockwell warns of new APT RCE exploit targeting critical infrastructure
Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could...
Colorado State University says data breach impacts students, staff
Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students...
Genesis Market infrastructure and inventory sold on hacker forum
Image: Bing Create The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold...
CISA: Microsoft Releases July 2023 Security Updates
Microsoft Releases July 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
CISA: Mozilla Releases Security Update for Firefox and Firefox ESR
Mozilla Releases Security Update for Firefox and Firefox ESR Mozilla has released a security update to address a vulnerability in...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 11, 2023. These...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Critical Industrial Control Systems (ICS) advisory on July 12, 2023....
CISA: Adobe Releases Security Updates for ColdFusion and InDesign
Adobe Releases Security Updates for ColdFusion and InDesign Adobe has released security updates to address vulnerabilities affecting ColdFusion(link is external) and...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on July 13, 2023. These...
CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online The Cybersecurity and Infrastructure...
CISA: Juniper Releases Multiple Security Updates for Juno OS
Juniper Releases Multiple Security Updates for Juno OS Juniper has released updates to address multiple vulnerabilities in Juno OS(link is...
CISA: Cisco Releases Security Update for SD-WAN vManage API
Cisco Releases Security Update for SD-WAN vManage API Cisco has released a security update to address a critical vulnerability affecting...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Schmidt Salzman & Mo ran, Ltd
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Gerber Childrenswear LLC
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
HackerOne Bug Bounty Disclosure: an-attacker-can-can-view-any-hacker-email-via-savecollaboratorsmutation-operation-name–xrayan
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0xrayan1996Link to Submitters Profile:https://hackerone.com/0xrayan1996 Report Title:An attacker can can view any hacker...
HackerOne Bug Bounty Disclosure: indriver-job-admin-approval-bypass-mikejohnson
Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:mikejohnson_1Link to Submitters Profile:https://hackerone.com/mikejohnson_1 Report Title:inDriver Job - Admin Approval BypassReport Link:https://hackerone.com/reports/1861487Date...
HackerOne Bug Bounty Disclosure: metamask-browser-url-and-transaction-origin-spoofing-metamask-wallet-android-metamask-wallet-ios-renekroka
Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:renekrokaLink to Submitters Profile:https://hackerone.com/renekroka Report Title:MetaMask Browser URL and Transaction Origin Spoofing...
HackerOne Bug Bounty Disclosure: endpoint-disclosing-user-password-team-tsk
Company Name: Newegg Company HackerOne URL: https://hackerone.com/newegg Submitted By:team_tskLink to Submitters Profile:https://hackerone.com/team_tsk Report Title:Endpoint disclosing user passwordReport Link:https://hackerone.com/reports/1986731Date Submitted:05 July...