Critical Glibc Bug Puts Linux Distributions at Risk
Security researchers from the Qualys Threat Research Unit (TRU) have uncovered a new buffer overflow vulnerability within the GNU C...
Month: October 2023
China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks, Microsoft Warns
Chinese threat actors are positioning themselves to deploy major cyber-attacks against US critical national infrastructure (CNI) in the event of...
Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers
Security researchers have discovered a major new scam operation designed to trick job seekers into parting with cryptocurrency, by getting...
CISA and NSA Tackle IAM Security Challenges in New Report
The CISA and the National Security Agency (NSA) have published new guidelines in a report called "Identity and Access Management:...
Qakbot Gang Still Active Despite FBI Takedown
Despite the takedown of the Qakbot threat gang’s infrastructure by the FBI in late August, some of the group’s affiliates...
AWS to Mandate Multi-Factor Authentication from 2024
Amazon Web Services (AWS) said it will require multi-factor authentication (MFA) for all privileged accounts starting mid-2024, in a bid...
Apple Issues Emergency Patches for More Zero-Day Bugs
Apple has been forced to issue more emergency updates to fix two new zero-day vulnerabilities impacting iOS and iPadOS users.An...
CISA and NSA Publish Top 10 Misconfigurations
Two leading US government security agencies have shared the top 10 most common cybersecurity misconfigurations, in a bid to improve...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
Caracal – Static Analyzer For Starknet Smart Contracts
Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo...
HackerOne Bug Bounty Disclosure: b-draft-report-exposure-via-slack-alerting-system-for-programs-b-imranhudaa
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'imranhudaa'Link to Submitters Profile:https://hackerone.com/b'imranhudaa' Report Title:b'Draft report exposure via slack alerting system...
North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency
As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group...
Medusa Locker Ransomware Victim: Agència Catalana de Notícies (ACN)
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
PikaBot C2 Detected – 102[.]129[.]139[.]65:32999
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
PikaBot C2 Detected – 38[.]242[.]240[.]28:1194
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike
Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC)...
New OS Tool Tells You Who Has Access to What Data
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result...
Supermicro’s BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs)...
GitHub’s Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack
GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon...
Akira Ransomware Victim: Terwilliger Land Sur vey Engineers
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: cote-expert-equipements[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sirva[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: tatatelebusiness[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sinedieadvisor[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
