CISA: CISA Requests Comment on Draft Secure Software Development Attestation Form
CISA Requests Comment on Draft Secure Software Development Attestation Form CISA has opened a 30-day Federal Register notice to receive...
Year: 2023
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed
CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed Today, the Cybersecurity and Infrastructure Security...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software....
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These...
General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly...
Atomic Stealer malware strikes macOS via fake browser updates
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. The ClearFake...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
OSINT-Framework – OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT...
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to...
LockBit 3.0 Ransomware Victim: preidlhof[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: nrtw[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ribolia[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
UserPro Plugin for WordPress information disclosure | CVE-2023-2446
NAME__________UserPro Plugin for WordPress information disclosurePlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________UserPro Plugin for WordPress could allow...
OpenHarmony information disclosure | CVE-2023-46100
NAME__________OpenHarmony information disclosurePlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenHarmony could allow a local attacker to obtain sensitive information, caused by the use...
UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2438
NAME__________UserPro Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UserPro Plugin for WordPress is...
UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2447
NAME__________UserPro Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UserPro Plugin for WordPress is...
UserPro Plugin for WordPress security bypass | CVE-2023-2448
NAME__________UserPro Plugin for WordPress security bypassPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________UserPro Plugin for WordPress could allow...
OpenHarmony denial of service | CVE-2023-47217
NAME__________OpenHarmony denial of servicePlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenHarmony is vulnerable to a denial of service, caused by a buffer...
Anywhere Flash Embed Plugin for WordPress cross-site scripting | CVE-2023-47811
NAME__________Anywhere Flash Embed Plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Anywhere Flash Embed Plugin for WordPress is vulnerable to...
Add Widgets to Page Plugin for WordPress cross-site scripting | CVE-2023-47808
NAME__________Add Widgets to Page Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Add Widgets to Page Plugin for WordPress 1.3.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...
BP Profile Shortcodes Extra Plugin for WordPress cross-site scripting | CVE-2023-47815
NAME__________BP Profile Shortcodes Extra Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BP Profile Shortcodes Extra Plugin for WordPress 2.5.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...
Bamboo Columns Plugin for WordPress cross-site scripting | CVE-2023-47812
NAME__________Bamboo Columns Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Bamboo Columns Plugin for WordPress 1.6.1Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bamboo Columns Plugin for...
