Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious...
Year: 2023
CISA: Citrix Releases Security Updates for Citrix Hypervisor
Citrix Releases Security Updates for Citrix Hypervisor Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR....
CISA: CISA Requests Comment on Draft Secure Software Development Attestation Form
CISA Requests Comment on Draft Secure Software Development Attestation Form CISA has opened a 30-day Federal Register notice to receive...
CISA: CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector
CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector Today, CISA released the Mitigation Guide: Healthcare and Public...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: FBI and CISA Release Advisory on Scattered Spider Group
FBI and CISA Release Advisory on Scattered Spider Group Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software....
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed
CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed Today, the Cybersecurity and Infrastructure Security...
Play Ransomware Victim: McHale Landscape Design
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
Deepsecrets – Secrets Scanner That Understands Code
Yet another tool - why? Existing tools don't really "understand" code. Instead, they mostly parse texts. DeepSecrets expands classic regex-search...
HackerOne Bug Bounty Disclosure: b-idor-vulnerability-on-profile-picture-changing-mechanism-which-discloses-other-user-s-profile-picture-b-triple-h
Company Name: b'Glassdoor' Company HackerOne URL: https://hackerone.com/glassdoor Submitted By:b'triple_h'Link to Submitters Profile:https://hackerone.com/b'triple_h' Report Title:b"IDOR vulnerability on profile picture changing mechanism...
HackerOne Bug Bounty Disclosure: b-organization-members-can-delete-reports-in-teams-they-have-no-access-to-b-verw-tch
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'0verw4tch'Link to Submitters Profile:https://hackerone.com/b'0verw4tch' Report Title:b'Organization members can delete reports in teams...
New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login
A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15,...
Medusa Locker Ransomware Victim: Community Hospital
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
AI Solutions Are the New Shadow IT
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security RisksLike the SaaS shadow IT of the past, AI is...
North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers...
ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer
The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain...
LockBit 3.0 Ransomware Victim: qautomotive[.]com[.]au
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: floydskerenlaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: martinique[.]no
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
