CSA Launches First Zero Trust Certification
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero...
Year: 2023
Cyber-Criminals Exploit Gaza Crisis With Fake Charity
Cybersecurity researchers have uncovered a charity attack exploiting the ongoing events in Gaza and Israel. Cyber-criminals targeted 212 individuals across...
Black Friday: Malwarebytes Warns of Credit Card Skimming Surge
With Black Friday and Cyber Monday around the corner, anti-malware provider Malwarebytes has warned about the rise of credit card...
Russian Hacking Group Sandworm Linked to Unprecedented Attack on Danish Critical Infrastructure
Notorious Russian nation-state threat actor Sandworm has been linked to the largest ever cyber-attack targeting critical infrastructure in Denmark.The incident...
US-CERT Vulnerability Summary for the Week of November 6, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformThe 1E-Exchange-URLResponseTime instruction that is part of the Network product...
Padre – Blazing Fast, Advanced Padding Oracle Exploit
padre is an advanced exploiter for Padding Oracle attacks against CBC mode encryption Features: blazing fast, concurrent implementation decryption of...
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary,...
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are...
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code...
U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian...
Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure,"...
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be...
How to Automate the Hardest Parts of Employee Offboarding
According to recent research on employee offboarding, 70% of IT professionals say they've experienced the negative effects of incomplete IT...
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer...
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes...
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been...
HackerOne Bug Bounty Disclosure: b-unauthorised-cocoapods-auth-via-token-leakage-http-header-injection-b-reefspek
Company Name: b'Snowplow' Company HackerOne URL: https://hackerone.com/snowplow Submitted By:b'reefspek'Link to Submitters Profile:https://hackerone.com/b'reefspek' Report Title:b'Unauthorised CocoaPods Auth via Token Leakage &...
Medusa Locker Ransomware Victim: Toyota Financial
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Black Basta Ransomware Victim: uchlogistics[.]co[.]uk
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: citycontainer[.]dk
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: tarltonandson[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kwhfreeze[.]fi
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: adyne[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
