GitHub passkeys generally available for passwordless sign-ins
GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for...
Month: September 2023
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
US Government in Snatch Ransomware Warning
Authorities in the US released a new cybersecurity advisory yesterday updating organizations on the latest tactics, techniques and procedures (TTPs)...
New Ransomware Victims Surge by 47% with Gangs Targeting Small Businesses
Ransomware attackers are shifting away from “big game” targets and towards easier, less defended organizations, a new report from Trend...
UK-US Confirm Agreement for Personal Data Transfers
The UK government has announced its decision to establish a data bridge with the US, enabling the free flow of...
Bot Attack Costs Double to $86m Annually
The typical business in the US and UK loses over 4% of their online revenue every year due to malicious...
Scams Now Make Up 75% of Cyber-Threats
Scams involving human manipulation comprised 75% of all desktop threats in the first half of 2023, according to new data...
ApexSMS – 23,246,481 breached accounts
HIBP In May 2019, news broke of a massive SMS spam operation known as "ApexSMS" which was discovered after a...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Sekiryu – Comprehensive Toolkit For Ghidra Headless
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra...
HackerOne Bug Bounty Disclosure: b-aws-keys-and-user-cookie-leakage-via-uninitialized-memory-leak-in-outdated-librsvg-version-in-basecamp-b-neex
Company Name: b'Basecamp' Company HackerOne URL: https://hackerone.com/basecamp Submitted By:b'neex'Link to Submitters Profile:https://hackerone.com/b'neex' Report Title:b'AWS keys and user cookie leakage via...
LockBit 3.0 Ransomware Victim: scottpartners[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: eljayoil[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: chevalerias[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: dasholding[.]ae
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: faithfamilyacademy[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hwwealth[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: messner[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: constantinecannon[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: bauscherhepp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: compass-inc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Dropbox Folder Share plugin for WordPress server-side request forgery | CVE-2023-3025
NAME__________Dropbox Folder Share plugin for WordPress server-side request forgeryPlatforms Affected:WordPress Dropbox Folder Share plugin for WordPress 1.9.7 WordPress Dropbox Folder...
Tenda AC10 denial of service | CVE-2023-42320
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda AC10 US_AC10V4.0si_V16.03.10.13_cnRisk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is vulnerable to a denial of service,...
Samsung Memory Card & UFD Authentication Utility PC Software privilege escalation | CVE-2023-41929
NAME__________Samsung Memory Card & UFD Authentication Utility PC Software privilege escalationPlatforms Affected:Samsung Memory Card & UFD Authentication Utility PC Software...