Malware-Infected Devices Sold Through Major Retailers
Human Security has exposed a significant monetization method employed by a sophisticated cyber-criminal operation. This operation involved the sale of...
Month: October 2023
LightSpy iPhone Spyware Linked to Chinese APT41 Group
Banking security firm ThreatFabric has found evidence that LightSpy, an iPhone spyware discovered in 2020, is more sophisticated than previously...
Police Issue “Quishing” Email Warning
Police in Northern Ireland have warned organizations in the province to be on their guard after issuing a new Crime...
Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy....
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote...
CISA: Mozilla Releases Security Advisories for Thunderbird and Firefox
Mozilla Releases Security Advisories for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR,...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs
CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs CISA has added two new vulnerabilities to its Known Exploited...
CISA: CISA and NSA Release New Guidance on Identity and Access Management
CISA and NSA Release New Guidance on Identity and Access Management Today, CISA and the National Security Agency (NSA) published...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Play Ransomware Victim: Roof Management
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Cinepolis USA
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Security Instrument
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Filtration Control
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: CHARMANT Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Stavanger Municipality
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
ModuleShifting – Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs
ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so...
HackerOne Bug Bounty Disclosure: b-bypassing-garbage-collection-with-uppercase-endpoint-b-h-xploit
Company Name: b'inDrive' Company HackerOne URL: https://hackerone.com/indrive Submitted By:b'h1xploit'Link to Submitters Profile:https://hackerone.com/b'h1xploit' Report Title:b'Bypassing Garbage Collection with Uppercase Endpoint'Report Link:https://hackerone.com/reports/2078527Date...
HackerOne Bug Bounty Disclosure: b-reflected-xss-in-oauth-login-flow-https-access-line-me-b-tosun
Company Name: b'LY Corporation' Company HackerOne URL: https://hackerone.com/line Submitted By:b'tosun'Link to Submitters Profile:https://hackerone.com/b'tosun' Report Title:b'Reflected XSS in OAUTH2 login flow...
