Are You Willing to Pay the High Cost of Compromised Credentials?
Weak password policies leave organizations vulnerable to attacks. But are the standard password complexity requirements enough to secure them? 83%...
Month: September 2023
LockBit 3.0 Ransomware Victim: altmanplants[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – :
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OpenKnowledgeMaps cross-site scripting | CVE-2023-40618
NAME__________OpenKnowledgeMaps cross-site scriptingPlatforms Affected:OpenKnowledgeMaps Head Start 7Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OpenKnowledgeMaps is vulnerable to cross-site scripting, caused by improper validation of...
New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the...
8 Base Ransomware Victim: J[.]T[.] Cullen Co[.], Inc[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: Springer Eubank
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Fake celebrity photo leak videos flood TikTok with Temu referral codes
TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online...
CISA: ISC Releases Security Advisories for BIND 9
ISC Releases Security Advisories for BIND 9 The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting...
CISA: FBI and CISA Release Advisory on Snatch Ransomware
FBI and CISA Release Advisory on Snatch Ransomware Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure...
CISA: CISA Adds Eight Known Exploited Vulnerabilities to Catalog
CISA Adds Eight Known Exploited Vulnerabilities to Catalog CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on September 19, 2023. These...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address a vulnerability...
CISA: Atlassian Releases September Security Bulletin
Atlassian Releases September Security Bulletin Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products....
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
EDRaser – Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines....
Ivanti Endpoint Manager information disclosure | CVE-2023-38343
NAME__________Ivanti Endpoint Manager information disclosurePlatforms Affected:Ivanti Endpoint Manager 2022Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Ivanti Endpoint Manager could allow a remote attacker to...
Ivanti Endpoint Manager file disclosure | CVE-2023-38344
NAME__________Ivanti Endpoint Manager file disclosurePlatforms Affected:Ivanti Endpoint Manager 2022Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Ivanti Endpoint Manager could allow a remote authenticated attacker...
Contribsys faktory denial of service | CVE-2023-37279
NAME__________Contribsys faktory denial of servicePlatforms Affected:contribsys faktory 1.7.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Contribsys faktory is vulnerable to a denial of service,...
Mobile Security Framework information disclosure | CVE-2023-42261
NAME__________Mobile Security Framework information disclosurePlatforms Affected:MobSF MobSF 3.7.8Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mobile Security Framework could allow a remote attacker to obtain...
