CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...
Month: August 2023
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
US-CERT Vulnerability Summary for the Week of August 7, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...
Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into...
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months....
HackerOne Bug Bounty Disclosure: b-yelp-com-xss-ato-via-login-keylogger-link-google-account-b-lil-endian
Company Name: b'Yelp' Company HackerOne URL: https://hackerone.com/yelp Submitted By:b'lil_endian'Link to Submitters Profile:https://hackerone.com/b'lil_endian' Report Title:b'yelp.com XSS ATO (via login keylogger, link...
HackerOne Bug Bounty Disclosure: b-renaming-aliasing-relative-symbolic-links-potentially-redirects-them-to-supposedly-inaccessible-locations-b-tniessen
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'tniessen'Link to Submitters Profile:https://hackerone.com/b'tniessen' Report Title:b'Renaming/aliasing relative symbolic links potentially redirects them...
BianLian Ransomware Victim: Armortex
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report
The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus...
Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the...
Medusa Locker Ransomware Victim: Postel SpA
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Gigabud RAT Android Banking Malware Targets Institutions Across Countries
Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an...
LockBit 3.0 Ransomware Victim: haynesintl[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: econsult[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: qbcqatar[.]com[.]qa
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: leecorpinc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: varian[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: jhillburn[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Nozomi Networks Guardian/CMC information disclosure | CVE-2023-24471
NAME__________Nozomi Networks Guardian/CMC information disclosurePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nozomi Networks Guardian/CMC could allow a remote authenticated attacker...
Nozomi Networks Guardian/CMC cross-site scripting | CVE-2023-22843
NAME__________Nozomi Networks Guardian/CMC cross-site scriptingPlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Nozomi Networks Guardian/CMC is vulnerable to cross-site scripting, caused...
EmbedPress plugin for WordPress cross-site scripting | CVE-2023-4283
NAME__________EmbedPress plugin for WordPress cross-site scriptingPlatforms Affected:WordPress EmbedPress plugin for WordPress 3.8.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________EmbedPress plugin for WordPress is vulnerable...
KramerAV VIA Connect (2) and VIA Go (2) devices security bypass | CVE-2023-33468
NAME__________KramerAV VIA Connect (2) and VIA Go (2) devices security bypassPlatforms Affected:KramerAV VIA Connect (2) and VIA Go (2) deviceRisk...
