CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and...
Month: November 2023
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat...
Fitmart – 214,492 breached accounts
HIBP In October 2021, data from the German fitness supplies store Fitmart was obtained and later redistributed online. The data...
US-CERT Vulnerability Summary for the Week of October 23, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info projectworlds_pvt._limited -- online_art_gallery Online Art Gallery v1.0 is vulnerable to multiple...
TEx – Telegram Monitor
TEx is a Telegram Explorer tool created to help Researchers, Investigators and Law Enforcement Agents to Collect and Process the...
HackerOne Bug Bounty Disclosure: b-google-docs-link-in-js-files-allows-editing-reading-survey-information-b-bebiks
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'bebiks'Link to Submitters Profile:https://hackerone.com/b'bebiks' Report Title:b'Google Docs link in JS files allows...
BreachForums Database Leak Alert: Habbo[.]st
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
BreachForums Database Leak Alert: DayZ
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Google Play Store Introduces ‘Independent Security Review’ Badge for Apps
Google is rolling out an "Independent security review" badge in the Play Store's Data safety section for Android apps that...
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years,...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: bindagroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: lafase[.]cl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: shimano[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: microtrain[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: jewell[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: unimed[.]coop[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: translink[.]se
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: tasl[.]co[.]th
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: abhmfg[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Submitty cross-site scripting | CVE-2023-43193
NAME__________Submitty cross-site scriptingPlatforms Affected:Submitty Submitty 22.05.03Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Submitty is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Hitachi Energy MACH System Software directory traversal | CVE-2023-2621
NAME__________Hitachi Energy MACH System Software directory traversalPlatforms Affected:Hitachi Energy MACH System Software 5 Hitachi Energy MACH System Software 6 Hitachi...
Projectworlds Online Food Ordering System SQL injection | CVE-2023-45330
NAME__________Projectworlds Online Food Ordering System SQL injectionPlatforms Affected:Projectworlds Online Food Ordering System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Projectworlds Online Food Ordering System...
Projectworlds Online Food Ordering System SQL injection | CVE-2023-45340
NAME__________Projectworlds Online Food Ordering System SQL injectionPlatforms Affected:Projectworlds Online Food Ordering System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Projectworlds Online Food Ordering System...
