Purchase Scams Surge as Fraud Losses Hit £580m
Authorised push payment (APP) fraud continues to be a major headache for the UK banking industry and its customers, contributing...
Month: October 2023
Seiko “BlackCat” Data Breach: 60,000 Records on the Line
Seiko Group Corporation (SGC) has recently confirmed the extent of a data breach that it disclosed initially in August. The...
AWS: Security Not a Priority For a Third of SMBs
Cybersecurity is not a strategic priority for 35% of SMBs considering cloud migration, Amazon Web Services (AWS) has revealed.The cloud...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
Puncia – Subdomain And Exploit Hunter Powered By AI
Puncia utilizes two of our intelligent APIs - Subdomain Center & Exploit Observer, to gather the results. Please note that...
HackerOne Bug Bounty Disclosure: b-accessing-apps-protected-via-zt-s-access-when-user-account-is-deleted-disabled-even-after-clearing-user-session-seat-b-suzuka
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'suzuka'Link to Submitters Profile:https://hackerone.com/b'suzuka' Report Title:b"Accessing apps protected via...
HackerOne Bug Bounty Disclosure: b-blind-ssrf-on-https-my-exnessaffiliates-com-allows-for-internal-network-enumeration-b-null-hypothesis
Company Name: b'EXNESS' Company HackerOne URL: https://hackerone.com/exness Submitted By:b'null_hypothesis'Link to Submitters Profile:https://hackerone.com/b'null_hypothesis' Report Title:b'Blind SSRF on https://my.exnessaffiliates.com/ allows for internal...
HackerOne Bug Bounty Disclosure: b-new-search-feature-search-for-non-public-words-in-limited-disclosure-reports-b-ahacker
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'ahacker1'Link to Submitters Profile:https://hackerone.com/b'ahacker1' Report Title:b'New Search Feature: Search for non-public words...
CISA: Mozilla Releases Security Advisories for Multiple Products
Mozilla Releases Security Advisories for Multiple Products Mozilla has released security updates to address vulnerabilities in Firefox ESR 115.4 and...
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio,...
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October...
Malvertising Campaign Targets Brazil’s PIX Payment System with GoPIX Malware
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate...
The Rise of S3 Ransomware: How to Identify and Combat It
In today's digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the...
Hong Kong residents targeted in malvertising campaigns for WhatsApp, Telegram
Malvertising is a powerful malware or scam delivery mechanism that makes it easy to target specific geographies or even users....
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code...
LockBit 3.0 Ransomware Victim: mgbwlaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: linkmicrotek[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ambic[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: excon[.]cl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: fern-plastics[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: camico[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: martinsonservices[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Add Custom Body Class plugin for WordPress cross-site scripting | CVE-2023-5205
NAME__________Add Custom Body Class plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Add Custom Body Class plugin for WordPress 1.4.1 WordPress Add...
IBM TXSeries denial of service | CVE-2023-42031
NAME__________IBM TXSeries denial of servicePlatforms Affected:IBM TXSeries for Multiplatforms 8.1 IBM TXSeries for Multiplatforms 8.2 IBM TXSeries for Multiplatforms 9.1...
