CISA: VMware Releases Security Update for Tools
VMware Releases Security Update for Tools VMware has released a security update to address a vulnerability in VMware Tools. A...
Month: September 2023
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These...
CISA: CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Today, CISA, Federal Bureau of...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on September 7, 2023. These...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories to address vulnerabilities affecting multiple Cisco products. A...
CISA: CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack
CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack CISA has released actionable guidance for Federal Civilian...
CISA: CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells The Cybersecurity and Infrastructure Security Agency (CISA) has...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
DorXNG – Next Generation DorX. Built By Dorks, For Dorks
DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On...
HackerOne Bug Bounty Disclosure: b-ability-to-bypass-admin-override-on-cloudflare-warp-android-b-callmed
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'callmed0_4'Link to Submitters Profile:https://hackerone.com/b'callmed0_4' Report Title:b'Ability to bypass Admin...
Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge...
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or...
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost...
Mirai Botnet Variant ‘Pandora’ Hijacks Android TVs for Cyberattacks
A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them...
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker...
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge...
Dark Angel Victim: Sabre Corporation
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
UNISOC mobile phone chipsets for Android denial of service | CVE-2022-48452
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...
MediaTek chipsets denial of service | CVE-2023-20823
NAME__________MediaTek chipsets denial of servicePlatforms Affected:Mediatek MT6879 Mediatek MT6895 Mediatek MT6983 MediaTek MT8188 MediaTek MT8195 MediaTek MT8395Risk Level:4.4Exploitability:UnprovenConsequences:Denial of Service...
SHIRASAGI cross-site scripting | CVE-2023-38569
NAME__________SHIRASAGI cross-site scriptingPlatforms Affected:SHIRASAG SHIRASAGRisk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SHIRASAGI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input....
UNISOC mobile phone chipsets for Android denial of service | CVE-2022-47353
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...
SHIRASAGI directory traversal | CVE-2023-39448
NAME__________SHIRASAGI directory traversalPlatforms Affected:SHIRASAG SHIRASAGRisk Level:4.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________SHIRASAGI could allow a remote authenticated attacker to traverse directories on the system....
MediaTek chipsets privilege escalation | CVE-2023-20821
NAME__________MediaTek chipsets privilege escalationPlatforms Affected:Mediatek MT6879 Mediatek MT6895 Mediatek MT6983 MediaTek MT2713 MediaTek MT8188 MediaTek MT8195 MediaTek MT8395 MediaTek MT8781Risk...
UNISOC mobile phone chipsets for Android denial of service | CVE-2022-48453
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...