BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors...
Month: October 2023
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day
More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed...
E-Root admin faces 20 years for selling stolen RDP, SSH accounts
Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty...
Microsoft extends Purview Audit log retention after July breach
Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and...
Fake KeePass site uses Google Ads and Punycode to push malware
A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official...
Play Ransomware Victim: Associated Wholesale Grocers
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
HackerOne Bug Bounty Disclosure: b-responsive-server-side-request-forgery-ssrf-b-bhmth
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'bhmth'Link to Submitters Profile:https://hackerone.com/b'bhmth' Report Title:b'Responsive Server-side Request Forgery (SSRF)'Report Link:https://hackerone.com/reports/1895874Date Submitted:19...
HackerOne Bug Bounty Disclosure: b-deny-admin-from-editing-linkedin-company-page-using-gen-form-visibility-via-post-voyager-api-voyagerorganizationdashcompanies-id-b-domg
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'domg'Link to Submitters Profile:https://hackerone.com/b'domg' Report Title:b'Deny Admin from Editing LinkedIn Company Page...
Clever malvertising attack uses Punycode to look like KeePass’s official website
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a...
LockBit 3.0 Ransomware Victim: fdf[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: frs-fnrs[.]be
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: smart-union[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: thecsi[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: salaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Zephyr buffer overflow | CVE-2023-4263
NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:7.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a stack-based buffer overflow, caused by improper...
XnSoft NConvert for Windows denial of service | CVE-2023-43251
NAME__________XnSoft NConvert for Windows denial of servicePlatforms Affected:XnSoft NConvert for Windows 7.154 XnSoft NConvert for Windows 7.153Risk Level:7.8Exploitability:UnprovenConsequences:Denial of Service...
Who Hit The Page Hit Counter plugin for WordPress cross-site scripting | CVE-2023-46066
NAME__________Who Hit The Page Hit Counter plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Mediabay plugin for WordPress 1.6 WordPress Mediabay...
QNAP QTS, QuTS hero, and QuTScloud directory traversal | CVE-2023-32974
NAME__________QNAP QTS, QuTS hero, and QuTScloud directory traversalPlatforms Affected:QNAP QuTS hero h5.1.0 QNAP QTS 5.1.0 QNAP QuTScloud c5.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information...
WebAuthn4J Spring Security security bypass | CVE-2023-45669
NAME__________WebAuthn4J Spring Security security bypassPlatforms Affected:WebAuthn4J Spring Security 0.9.0.RELEASERisk Level:4.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________WebAuthn4J Spring Security could allow a remote attacker to...
ZPE Systems Nodegrid OS information disclosure | CVE-2023-44037
NAME__________ZPE Systems Nodegrid OS information disclosurePlatforms Affected:ZPE Systems Nodegrid OS 5.8.10 ZPE Systems Nodegrid OS 5.8.13 ZPE Systems Nodegrid OS...
QNAP QTS, QuTS hero, and QuTScloud buffer overflow | CVE-2023-32973
NAME__________QNAP QTS, QuTS hero, and QuTScloud buffer overflowPlatforms Affected:QNAP QTS 4.5.0 QNAP QTS 5.0.0 QNAP QuTS Hero h5.0.0 QNAP QuTS...
QNAP QTS, QuTS hero, and QuTScloud denial of service | CVE-2023-32970
NAME__________QNAP QTS, QuTS hero, and QuTScloud denial of servicePlatforms Affected:QNAP QTS 4.5.0 QNAP QTS 5.0.0 QNAP QuTS Hero h5.0.0 QNAP...
XnSoft NConvert for Windows denial of service | CVE-2023-43250
NAME__________XnSoft NConvert for Windows denial of servicePlatforms Affected:XnSoft NConvert for Windows 7.154 XnSoft NConvert for Windows 7.153Risk Level:7.8Exploitability:UnprovenConsequences:Denial of Service...
