Month: July 2023

OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

July 28, 2023

You may have heard Sam Altman, the man behind ChatGPT, call for the regulation of future AI models while at...

SEC Wants Cyber-Incident Disclosure Within Four Days

July 28, 2023

The US Securities and Exchange Commission (SEC) has adopted new rules requiring publicly listed firms to disclose serious incidents within...

High Severity Vulnerabilities Discovered in Ninja Forms Plugin

July 28, 2023

Multiple high-severity vulnerabilities have been discovered in Ninja Forms, a popular forms builder plugin for WordPress with over 900,000 active...

“Mysterious Elephant” Emerges, Kaspersky Reports

July 28, 2023

A new malicious actor known as “Mysterious Elephant” operating in the Asia-Pacific region has emerged in the threat landscape in the...

China’s Wuhan Earthquake Center Suffers Cyber-Attack

July 28, 2023

The Wuhan Earthquake Monitoring Center in China has been hit by a cyber-incident perpetuated by a hacker group with an...

Security Incident Impacts CardioComm’s Operations

July 28, 2023

CardioComm Solutions, a Canadian medical provider of consumer heart monitoring and medical ECG software solutions, has disclosed a cybersecurity incident...

CISA

CISA: Atlassian Releases Security Updates

July 28, 2023

Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...

CISA

CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078

July 28, 2023

Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously...

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

July 28, 2023

CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

July 28, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: Apple Releases Security Updates for Multiple Products

July 28, 2023

Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...

CISA

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

July 28, 2023

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

July 28, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

July 28, 2023

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

July 28, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: CISA Releases Five Industrial Control Systems Advisories

July 28, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...

News

US-CERT Vulnerability Summary for the Week of July 17, 2023

July 27, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...

CISA

CISA: CISA Releases Five Industrial Control Systems Advisories

July 27, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...

Posh C2 Detected – 3[.]70[.]143[.]123:443

July 27, 2023

The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...

LockBit 3.0 Ransomware Victim: scmh[.]org[.]tw

July 27, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Beauty Salon Management System cross-site scripting | CVE-2023-3886

July 27, 2023

NAME__________Beauty Salon Management System cross-site scriptingPlatforms Affected:CampCodes Beauty Salon Management System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Beauty Salon Management System is vulnerable...

Certifi unspecified | CVE-2023-37920

July 27, 2023

NAME__________Certifi unspecifiedPlatforms Affected:Certifi Certifi 2023.05.07Risk Level:7.5Exploitability:UnprovenConsequences:Unknown DESCRIPTION__________An unspecified error with the removal of e-Tugra root certificate in Certifi has an...

copyparty cross-site scripting | CVE-2023-38501

July 27, 2023

NAME__________copyparty cross-site scriptingPlatforms Affected:copyparty copyparty 1.8.6Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________copyparty is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

DataEase cross-site scripting | CVE-2023-37257

July 27, 2023

NAME__________DataEase cross-site scriptingPlatforms Affected:DataEase DataEase 1.18.6 DataEase DataEase 1.18.7 DataEase DataEase 1.18.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DataEase is vulnerable to cross-site scripting,...

Month: July 2023

OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

SEC Wants Cyber-Incident Disclosure Within Four Days

High Severity Vulnerabilities Discovered in Ninja Forms Plugin

“Mysterious Elephant” Emerges, Kaspersky Reports

China’s Wuhan Earthquake Center Suffers Cyber-Attack

Security Incident Impacts CardioComm’s Operations

CISA: Atlassian Releases Security Updates

CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Apple Releases Security Updates for Multiple Products

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Five Industrial Control Systems Advisories

US-CERT Vulnerability Summary for the Week of July 17, 2023

CISA: CISA Releases Five Industrial Control Systems Advisories

Posh C2 Detected – 3[.]70[.]143[.]123:443

LockBit 3.0 Ransomware Victim: scmh[.]org[.]tw

Beauty Salon Management System cross-site scripting | CVE-2023-3886

Certifi unspecified | CVE-2023-37920

copyparty cross-site scripting | CVE-2023-38501

DataEase cross-site scripting | CVE-2023-37257

CVE Alert: CVE-2024-9511

CVE Alert: CVE-2024-11446

CVE Alert: CVE-2024-9635

CVE Alert: CVE-2024-11330

CVE Alert: CVE-2024-9659

You may have missed