Hackers exploit critical flaw in WordPress Royal Elementor plugin
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited...
Month: October 2023
Cisco warns of new IOS XE zero-day actively exploited in attacks
Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated...
Kansas courts IT systems offline after ‘security incident’
Information systems of state courts across Kansas are still offline after they've been disrupted in what the Kansas judicial branch...
Cisco IOS XE Escalation of Privilege Vulnerability
A vulnerability was identified in Cisco IOS XE. A remote attacker could exploit this vulnerability to trigger elevation of privilege on the targeted system. Note: CVE-2023-20198...
New RomCom Backdoor Targets Female Political Leaders
Japanese cybersecurity provider Trend Micro has uncovered a new malicious campaign targeting female political leaders and attendees of the Women...
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists have claimed to hit Israeli websites through DDoS and defacement attacks following the outbreak of conflict between Israel and...
Signal Disputes Alleged Zero-Day Flaw
The encrypted messaging app Signal has refuted widespread claims of a zero-day software vulnerability. After an investigation, the company has...
Ransomware Targets Unpatched WS_FTP Servers
Unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical...
Posh C2 Detected – 88[.]210[.]9[.]139:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Gcp_Scanner – A Comprehensive Scanner For Google Cloud
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The...
HackerOne Bug Bounty Disclosure: b-critical-curl-cve-vulnerability-code-changes-are-disclosed-on-the-internet-b-shelldoit
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'shelldoit'Link to Submitters Profile:https://hackerone.com/b'shelldoit' Report Title:b' Curl CVE-2023-38545 vulnerability code changes are...
HackerOne Bug Bounty Disclosure: b-inviting-excessive-long-email-addresses-to-a-calendar-event-makes-the-server-unresponsive-b-shuvam
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'shuvam321'Link to Submitters Profile:https://hackerone.com/b'shuvam321' Report Title:b'Inviting excessive long email addresses to a...
Black Basta Ransomware Victim: DOMAIN-BACCARAT_2
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: NCC_2
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Knight Ransomware Victim: GDL Logística Integrada S[.]A
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Hacketts printing services
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Decarie Motors Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Kinesis Film Srl
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Guhring was hacked[.] Thousands of confidential files stolen[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Faieta Motorcompany IT
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: AKBASOGLU HOLDING Trans KA
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: BMW Munique Motors
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Knight Ransomware Victim: Mario de Cecco – Workwear & Corporate Wear IT
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
