Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer...
Month: November 2023
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes...
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been...
HackerOne Bug Bounty Disclosure: b-unauthorised-cocoapods-auth-via-token-leakage-http-header-injection-b-reefspek
Company Name: b'Snowplow' Company HackerOne URL: https://hackerone.com/snowplow Submitted By:b'reefspek'Link to Submitters Profile:https://hackerone.com/b'reefspek' Report Title:b'Unauthorised CocoaPods Auth via Token Leakage &...
Medusa Locker Ransomware Victim: Toyota Financial
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Black Basta Ransomware Victim: uchlogistics[.]co[.]uk
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: citycontainer[.]dk
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: tarltonandson[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kwhfreeze[.]fi
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: adyne[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: owensgroup[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: goodhopeholdings[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: chicagotrading[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Adobe Photoshop information disclosure | CVE-2023-44334
NAME__________Adobe Photoshop information disclosurePlatforms Affected:Adobe Photoshop 2023 24.71 Adobe Photoshop 2024 25.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Adobe Photoshop could allow a remote...
Adobe Bridge information disclosure | CVE-2023-44327
NAME__________Adobe Bridge information disclosurePlatforms Affected:Adobe Bridge 13.0.4 Adobe Bridge 14.0.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Adobe Bridge could allow a remote attacker to...
Siemens COMOS information disclosure | CVE-2023-43503
NAME__________Siemens COMOS information disclosurePlatforms Affected:Siemens COMOSRisk Level:3.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siemens COMOS could allow a remote authenticated attacker to obtain sensitive information....
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family code execution | CVE-2023-44374
NAME__________Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family code executionPlatforms Affected:Siemens SCALANCE XF-200BA Siemens SCALANCE XR-300WG...
Fortinet FortiSIEM information disclosure | CVE-2023-45585
NAME__________Fortinet FortiSIEM information disclosurePlatforms Affected:Fortinet FortiSIEM 6.7.0 Fortinet FortiSIEM 6.7.5Risk Level:2.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiSIEM could allow a local authenticated attacker...
HPE Aruba Networking ArubaOS and InstantOS file deletion | CVE-2023-45618
NAME__________HPE Aruba Networking ArubaOS and InstantOS file deletionPlatforms Affected:Aruba Networks ArubaOS 10.5.0.0 Aruba Networks ArubaOS 10.4.0.2 Aruba Networks InstantOS 8.11.1.2...
Intel Ethernet Controllers and Adapters Software denial of service | CVE-2023-28376
NAME__________Intel Ethernet Controllers and Adapters Software denial of servicePlatforms Affected:Intel Ethernet Network Controllers and Adapters E810 SeriesRisk Level:6.5Exploitability:UnprovenConsequences:Denial of Service...
Intel Arc RGB Controller software privilege escalation | CVE-2023-32638
NAME__________Intel Arc RGB Controller software privilege escalationPlatforms Affected:Intel Arc RGB Controller software 1.06Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Intel Arc RGB Controller ]...
HPE Aruba Networking ArubaOS and InstantOS command execution | CVE-2023-45625
NAME__________HPE Aruba Networking ArubaOS and InstantOS command executionPlatforms Affected:Aruba Networks ArubaOS 10.5.0.0 Aruba Networks ArubaOS 10.4.0.2 Aruba Networks InstantOS 8.11.1.2...
Intel On Demand agent software information disclosure | CVE-2023-32283
NAME__________Intel On Demand agent software information disclosurePlatforms Affected:Intel On Demand agent software 3.0.1.3 Intel On Demand agent software 2.1.0.1 Intel...
