Toronto Public Library services down following weekend cyberattack
The Toronto Public Library (TPL) is warning that many of its online services are offline after suffering a cyberattack over the...
Month: October 2023
New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks
A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to...
RCE exploit for Wyze Cam v3 publicly released, patch now
A security researcher has published a proof-of-concept (PoC) exploit for Wyze Cam v3 devices that opens a reverse shell and...
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as...
FTC orders non-bank financial firms to report breaches in 30 days
The U.S. Federal Trade Commission (FTC) has amended the Safeguards Rules, mandating that all non-banking financial institutions report data breach...
SEC sues SolarWinds for misleading investors before 2020 hack
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before...
LastPass breach linked to theft of $4.4 million in crypto
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases,...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on October 24, 2023. This...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
CISA: Mozilla Releases Security Advisories for Multiple Products
Mozilla Releases Security Advisories for Multiple Products Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A...
CISA: VMware Releases Security Advisory for vCenter Server
VMware Releases Security Advisory for vCenter Server VMware released a security advisory for vulnerabilities (CVE-2023-34048, CVE-2023-34056) affecting the VMware vCenter...
CISA: Apple Releases Security Advisories for Multiple Products
Apple Releases Security Advisories for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: VMware Releases Advisory for VMware Tools Vulnerabilities
VMware Releases Advisory for VMware Tools Vulnerabilities VMware released a security advisory addressing multiple vulnerabilities (CVE-2023-34057, CVE-2023-34058) in VMware Tools....
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases Today, CISA updated its guidance addressing...
CISA: CISA Announces Launch of Logging Made Easy
CISA Announces Launch of Logging Made Easy Today, CISA announces the launch of a new version of Logging Made Easy (LME)(link...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
GameSprite – 6,164,643 breached accounts
HIBP In December 2019, the now defunct gaming platform GameSprite suffered a data breach that exposed over 6M unique email...
Play Ransomware Victim: Brodart
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of October 23, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info projectworlds_pvt._limited -- online_art_gallery Online Art Gallery v1.0 is vulnerable to multiple...
Teams_Dump – PoC For Dumping And Decrypting Cookies In The Latest Version Of Microsoft Teams
PoC for dumping and decrypting cookies in the latest version of Microsoft Teams extract.py just dumps without arguments extract.exe is...
HackerOne Bug Bounty Disclosure: b-stored-xss-at-https-x-com-api-id-b-pentestor
Company Name: b'8x8 Bounty' Company HackerOne URL: https://hackerone.com/8x8-bounty Submitted By:b'pentestor'Link to Submitters Profile:https://hackerone.com/b'pentestor' Report Title:b'Stored xss at https://.8x8.com/api//ID'Report Link:https://hackerone.com/reports/2078490Date Submitted:30...
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst...
Malvertising via Dynamic Search Ads delivers malware bonanza
Most, if not all malvertising incidents result from a threat actor either injecting code within an existing ad, or intentionally...
