Microsoft Fixes Five Zero-Day Vulnerabilities
Microsoft has released fixes for five zero-day vulnerabilities in its monthly update round, three of which are being actively exploited...
Month: November 2023
UK Privacy Regulator Issues Black Friday Smart Device Warning
The Information Commissioner’s Office (ICO) has urged shoppers to investigate the privacy and security credentials of any smart technologies they’re...
US Government Unveils First AI Roadmap For Cybersecurity
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial...
Acuity – 14,055,729 breached accounts
HIBP In mid-2020, a 437GB corpus of data attributed to an entity named "Acuity" was created and later extensively distributed....
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Goblob – A Fast Enumeration Tool For Publicly Exposed Azure Storage Blobs
Goblob is a lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicy in...
HackerOne Bug Bounty Disclosure: b-buffer-overflow-and-affected-url-https-github-com-curl-curl-blob-master-docs-examples-hsts-preload-c-b-cyberguardianrd
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'cyberguardianrd'Link to Submitters Profile:https://hackerone.com/b'cyberguardianrd' Report Title:b'Buffer overflow and affected url:-https://github.com/curl/curl/blob/master/docs/examples/hsts-preload.c'Report Link:https://hackerone.com/reports/2252307Date Submitted:15...
HackerOne Bug Bounty Disclosure: b-reflected-xss-in-https-wordpress-com-start-account-user-b-secureighty
Company Name: b'Automattic' Company HackerOne URL: https://hackerone.com/automattic Submitted By:b'secureighty'Link to Submitters Profile:https://hackerone.com/b'secureighty' Report Title:b'reflected xss in https://wordpress.com/start/account/user'Report Link:https://hackerone.com/reports/2055132Date Submitted:15 November...
HackerOne Bug Bounty Disclosure: b-csrf-vulnerability-in-royal-canin-website-allows-attackers-to-change-user-profile-picture-at-my-royalcanin-pt-b-bx
Company Name: b'Mars' Company HackerOne URL: https://hackerone.com/mars Submitted By:b'bx00'Link to Submitters Profile:https://hackerone.com/b'bx00' Report Title:b'**"CSRF Vulnerability in Royal Canin Website Allows...
HackerOne Bug Bounty Disclosure: b-oauth-client-secret-stored-in-plain-text-in-the-database-b-rullzer
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'rullzer'Link to Submitters Profile:https://hackerone.com/b'rullzer' Report Title:b'OAuth2 client_secret stored in plain text in...
Black Basta Ransomware Victim: boulangerieauger[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: agromatic[.]de
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: rekord[.]de
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: cmcsheetmetal[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: maytec[.]de
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835
Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged...
Posh C2 Detected – 68[.]183[.]227[.]107:444
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Restaurant Table Booking System information disclosure | CVE-2023-6076
NAME__________Restaurant Table Booking System information disclosurePlatforms Affected:PHPGurukul Restaurant Table Booking System 1.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Restaurant Table Booking System could allow...
Pleasanter cross-site scripting | CVE-2023-34439
NAME__________Pleasanter cross-site scriptingPlatforms Affected:Pleasanter Pleasanter 1.3.47.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Pleasanter is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
ICS Business Manager cross-site scripting | CVE-2023-6098
NAME__________ICS Business Manager cross-site scriptingPlatforms Affected:ICSSolution ICS Business Manager 7.06.0028.7066Risk Level:6.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________ICS Business Manager is vulnerable to cross-site scripting,...
Profile Builder plugin for WordPress cross-site request forgery | CVE-2023-47669
NAME__________Profile Builder plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Profile Builder Plugin for WordPress 3.10.3Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Profile Builder plugin...
DataHub weak security | CVE-2023-47628
NAME__________DataHub weak securityPlatforms Affected:DataHub DataHub 0.11.0 DataHub DataHub 0.10.5Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________DataHub could provide weaker than expected security, caused by...
Telit Cinterion devices information disclosure | CVE-2023-47614
NAME__________Telit Cinterion devices information disclosurePlatforms Affected:Telit Cinterion BGS5 Telit Cinterion EHS5 Telit Cinterion EHS6 Telit Cinterion EHS8 Telit Cinterion PDS5...