CISA: CISA Releases Advisory on Cyber Resilience for the HPH Sector
CISA Releases Advisory on Cyber Resilience for the HPH Sector Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights...
Month: December 2023
CISA: CISA Releases Seventeen Industrial Control Systems Advisories
CISA Releases Seventeen Industrial Control Systems Advisories CISA released seventeen Industrial Control Systems (ICS) advisories on December 14, 2023. These...
CISA: CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords
CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords Today, CISA published guidance on How Manufacturers Can Protect...
CISA: Fortinet Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products Fortinet has released security updates to address vulnerabilities in multiple Fortinet products. A...
MacMaster – MAC Address Changer
MacMaster is a versatile command line tool designed to change the MAC address of network interfaces on your system. It...
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to...
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities...
Unmasking the Dark Side of Low-Code/No-Code Applications
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team...
HackerOne Bug Bounty Disclosure: b-mozilla-employee-s-token-for-sql-telemetry-mozilla-org-exposed-in-git-commit-b-yakirka
Company Name: b'Mozilla Core Services' Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:b'yakirka'Link to Submitters Profile:https://hackerone.com/b'yakirka' Report Title:b"Mozilla Employee's Token for sql.telemetry.mozilla.org...
HackerOne Bug Bounty Disclosure: b-app-pin-code-can-be-bypassed-in-files-ios-b-spell
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'spell1'Link to Submitters Profile:https://hackerone.com/b'spell1' Report Title:b'App PIN code can be bypassed in...
Critical Vulnerability in WordPress Backup Migration Plugin
WordPress has released updates addressing a critical vulnerability (CVE-2023-6553) in their Backup Migration plugin. The vulnerability has a Common Vulnerability...
Active Exploitation of Zero-Day Vulnerability in QNAP VioStor Network Video Recorder (NVR)
QNAP has released security updates to address a zero-day vulnerability (CVE-2023-47565) in their NVR products. The vulnerability is reportedly being...
CISA: FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware
FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware Today, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure...
Medusa Locker Ransomware Victim: ATCO Products Inc
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Biomatrix LLC
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Black Basta Ransomware Victim: hallidays[.]co[.]uk
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: vyera[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: navitaspet[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via...
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law...
GLPI SQL injection | CVE-2023-43813
NAME__________GLPI SQL injectionPlatforms Affected:GLPI GLPI 10.0.10Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________GLPI is vulnerable to SQL injection. A remote authenticated attacker could send...
Dell vApp Manager command execution | CVE-2023-48665
NAME__________Dell vApp Manager command executionPlatforms Affected:Dell vApp ManagerRisk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dell vApp Manager could allow a remote authenticated attacker to...
Dell vApp Manager command execution | CVE-2023-48663
NAME__________Dell vApp Manager command executionPlatforms Affected:Dell vApp ManagerRisk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dell vApp Manager could allow a remote authenticated attacker to...
Zoom Mobile App for Android, Zoom Mobile App for iOS and Zoom SDKs nformation disclosure | CVE-2023-43583
NAME__________Zoom Mobile App for Android, Zoom Mobile App for iOS and Zoom SDKs nformation disclosurePlatforms Affected:Zoom Video SDK Zoom Mobile...
