Legacy Flaws Dominate Top 12 Vulnerabilities List
Security agencies from the Five Eyes intelligence alliance yesterday released their list of the 12 most exploited vulnerabilities of 2022,...
Month: August 2023
UK Government: Cyber-Attacks Could Kill or Maim Thousands
The government has warned that a serious cyber-attack on UK critical infrastructure has a 5–25% chance of happening over the...
Sophisticated Phishing Exploits Zero-Day Salesforce Vulnerability
A sophisticated email phishing campaign has been discovered by security researchers, exploiting a zero-day vulnerability in Salesforce’s email services and...
Stealthy npm Malware Exposes Developer Data
A stealthy malware has been discovered on npm, the popular package manager for JavaScript, that poses a severe threat by...
VMConnect: Python PyPI Threat Imitates Popular Modules
A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that...
CISA Announces 2024-2026 Strategic Plan
The Cybersecurity and Infrastructure Security Agency (CISA) has released its FY2024-2026 Strategic Plan, which builds on the cybersecurity strategy published...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link is...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...
CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These...
CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 The U.S. Cybersecurity and...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
IMDShift – Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks
AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery (SSRF) attacks. IMDShift automates the migration...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack...
Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security...
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate...
Akira Ransomware Victim: Venture General Agen cy
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: ohiohistory[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...