Mortgage giant Mr. Cooper says customer data exposed in breach
Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during...
Month: November 2023
Maine govt notifies 1.3 million people of MOVEit data breach
The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file...
Hackers breach healthcare orgs via ScreenConnect remote access
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access...
Russian APT Sandworm Disrupted Power in Ukraine Using Novel OT Techniques
Google-owned Mandiant has revealed that Sandowrm, a Russia-backed hacking group, conducted a disruptive cyber-attack targeting a Ukrainian critical infrastructure organization...
OpenAI Reveals ChatGPT Is Being DDoS-ed
ChatGPT developer OpenAI has admitted the cause of intermittent outages across its flagship generative AI offering over the past day:...
New Kamran Spyware Targets Urdu-Speaking Users in Pakistan
Security researchers have identified a watering-hole attack on a regional news website, Hunza News, which delivers news about Gilgit-Baltistan, a...
UK Shoppers Lost Nearly £11m to Fraud Last Festive Season
A leading UK security agency has warned of AI-generated fraud in the coming weeks, after citing new figures that shoppers...
Quishing Campaigns Spike 50% in September
Security researchers have detected a double-digit percentage increase in incidents involving QR code phishing (quishing), as cyber-criminals exploit employee use...
ICBC and Allen & Overy Hit By Ransomware
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports.Allen & Overy...
MPs Dangerously Uninformed About Facial Recognition – Report
Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the...
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software.Posting to X...
Signature Techniques of Asian APT Groups Revealed
The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian...
Chess – 827,620 breached accounts
HIBP In November 2023, over 800k user records were scraped from the Chess website and posted to a popular hacking...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Afuzz – Automated Web Path Fuzzing Tool For The Bug Bounty Projects
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects. Afuzz is being actively developed by @rapiddns...
HackerOne Bug Bounty Disclosure: b-bypass-r-payment-screen-b-hacker-t-dog
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'hacker_t_dog'Link to Submitters Profile:https://hackerone.com/b'hacker_t_dog' Report Title:b'Bypass R2 payment screen'Report...
HackerOne Bug Bounty Disclosure: b-yaml-schema-injection-risk-in-swagger-ui-via-schema-url-parameter-at-developers-cloudflare-com-b-aliend
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'aliend89'Link to Submitters Profile:https://hackerone.com/b'aliend89' Report Title:b'YAML schema injection risk...
HackerOne Bug Bounty Disclosure: b-csrf-xss-reflect-b-smael-liveira
Company Name: b'Daimler Truck' Company HackerOne URL: https://hackerone.com/daimler_truck Submitted By:b'1smael0liveira'Link to Submitters Profile:https://hackerone.com/b'1smael0liveira' Report Title:b'CSRF + XSS REFLECT'Report Link:https://hackerone.com/reports/2050122Date Submitted:10...
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage...
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security...
Akira Ransomware Victim: Battle Motors (Crane Carrier, CCC)
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Autocommerce
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: SALUS Controls
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...