Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data
Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38...
Month: September 2023
Think Your MFA and PAM Solutions Protect You? Think Again
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out...
Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients
Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted...
Hook: New Android Banking Trojan That Expands on ERMAC’s Legacy
A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called...
Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware
The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT...
Earth Lusca’s New SprySOCKS Linux Backdoor Targets Government Entities
The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called...
Inside the Code of a New XWorm Variant
XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the...
Live Webinar: Overcoming Generative AI Data Leakage Risks
As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According...
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code...
Akira Ransomware Victim: Fuji Seal Internatio nal (US branch)
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Glovis America
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Discourse denial of service | CVE-2023-41043
NAME__________Discourse denial of servicePlatforms Affected:Discourse Discourse 3.1.0.beta8 Discourse Discourse 3.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of...
Booster for WooCommerce plugin for WordPress cross-site scripting | CVE-2023-4945
NAME__________Booster for WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Booster for WooCommerce Plugin for WordPress 3.0.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Booster for...
Feeds for YouTube Plugin for WordPress cross-site scripting | CVE-2023-4841
NAME__________Feeds for YouTube Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Feeds for YouTube Plugin for WordPress 2.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Feeds for...
OpenKnowledgeMaps cross-site scripting | CVE-2023-40617
NAME__________OpenKnowledgeMaps cross-site scriptingPlatforms Affected:OpenKnowledgeMaps Head Start 7Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OpenKnowledgeMaps is vulnerable to cross-site scripting, caused by improper validation of...
NCR Teller web app cross-site scripting | CVE-2023-42362
NAME__________NCR Teller web app cross-site scriptingPlatforms Affected:NCR Teller Web App 4.4.0Risk Level:7.2Exploitability:HighConsequences:Gain Access DESCRIPTION__________NCR Teller web app is vulnerable to...
Discourse denial of service | CVE-2023-41042
NAME__________Discourse denial of servicePlatforms Affected:Discourse Discourse 3.1.0.beta8 Discourse Discourse 3.1.0Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of...
Razer Synapse privilege escalation | CVE-2022-47631
NAME__________Razer Synapse privilege escalationPlatforms Affected:Razer Synapse 3.8.0228.022313Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Razer Synapse could allow a local authenticated attacker to gain elevated...
Strapi information disclosure | CVE-2023-37263
NAME__________Strapi information disclosurePlatforms Affected:Strapi Strapi 4.12.0Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Strapi could allow a remote authenticated attacker to obtain sensitive information, caused...
China Unicom TEWA-800G information disclosure | CVE-2023-5028
NAME__________China Unicom TEWA-800G information disclosurePlatforms Affected:China Unicom TEWA-800G 4.16L.04_CT2015_YuemeRisk Level:2.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________China Unicom TEWA-800G could allow a physically proximate attacker...
NLnet Labs bcder library denial of service | CVE-2023-39914
NAME__________NLnet Labs bcder library denial of servicePlatforms Affected:NLnet Labs bcder library 0.7.2Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NLnet Labs bcder library is...
NLnet Labs Routinator denial of service | CVE-2023-39915
NAME__________NLnet Labs Routinator denial of servicePlatforms Affected:NLnet Labs Routinator 0.12.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NLnet Labs Routinator is vulnerable to a...
Dell PowerEdge BIOS and Dell Precision BIOS privilege escalation | CVE-2023-32461
NAME__________Dell PowerEdge BIOS and Dell Precision BIOS privilege escalationPlatforms Affected:Dell BIOSRisk Level:5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell PowerEdge BIOS and Dell Precision BIOS...
WooCommerce CVR Payment Gateway Plugin for WordPress security bypass | CVE-2023-4948
NAME__________WooCommerce CVR Payment Gateway Plugin for WordPress security bypassPlatforms Affected:WordPress WooCommerce CVR Payment Gateway Plugin for WordPress 6.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security...
