New Ransomware Campaign Targets Citrix NetScaler Flaw
Cybersecurity experts at Sophos X-Ops have uncovered a wave of attacks targeting unpatched Citrix NetScaler systems exposed to the internet. Describing...
Year: 2023
Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms
Microsoft has observed a proliferation of adversary-in-the-middle (AiTM) techniques deployed through phishing-as-a-service (PhaaS) platforms, the company explained in a series...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
DNSWatch – DNS Traffic Sniffer and Analyzer
DNSWatch is a Python-based tool that allows you to sniff and analyze DNS (Domain Name System) traffic on your network....
HackerOne Bug Bounty Disclosure: b-idor-delete-all-licenses-and-certifications-from-users-account-using-createorupdatehackercertification-graphql-query-b-callmed
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'callmed0_4'Link to Submitters Profile:https://hackerone.com/b'callmed0_4' Report Title:b'IDOR - Delete all Licenses and certifications...
HackerOne Bug Bounty Disclosure: b-names-not-completely-redacted-despite-redact-the-names-of-the-involved-users-is-selected-b-japz
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'japz'Link to Submitters Profile:https://hackerone.com/b'japz' Report Title:b'Names not completely redacted despite "Redact the...
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity...
Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability
Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's suspected to be...
Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to...
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks
Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service...
Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle
Ask any security professional and they'll tell you that remediating risks from various siloed security scanning tools requires a tedious...
Akira Ransomware Victim: Cutler-Smith
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Jasper High School
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
DedeCMS freelist_add.php cross-site scripting | CVE-2023-40874
NAME__________DedeCMS freelist_add.php cross-site scriptingPlatforms Affected:DedeCMS DedeCMS 5.7.110Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DedeCMS is vulnerable to cross-site scripting, caused by improper validation of...
Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects denial of service | CVE-2023-20200
NAME__________Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects denial of servicePlatforms Affected:Cisco UCS 6300...
Apache Airflow, Airflow SMTP Provider and Airflow IMAP Provider man-in-the-middle | CVE-2023-39441
NAME__________Apache Airflow, Airflow SMTP Provider and Airflow IMAP Provider man-in-the-middlePlatforms Affected:Apache Airflow 2.6.3 Apache Airflow SMTP Provider 1.2.0 Apache Airflow...
Supermicro X11, X12, X13, and H11, H12, H13 motherboards privilege escalation | CVE-2023-34853
NAME__________Supermicro X11, X12, X13, and H11, H12, H13 motherboards privilege escalationPlatforms Affected:Supermicro X11 Supermicro H11 Supermicro H12 Supermicro X12 Supermicro...
Order Your Posts Manually Plugin for WordPress cross-site scripting | CVE-2023-32510
NAME__________Order Your Posts Manually Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Order Your Posts Manually plugin for WordPress 2.2.5Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting...
Donations Made Easy Plugin for WordPress cross-site scripting | CVE-2023-32603
NAME__________Donations Made Easy Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Smart Donations Plugin for WordPress 4.0.12Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Donations Made Easy...
DedeCMS freelist_add.php cross-site scripting | CVE-2023-40876
NAME__________DedeCMS freelist_add.php cross-site scriptingPlatforms Affected:DedeCMS DedeCMS 5.7.110Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DedeCMS is vulnerable to cross-site scripting, caused by improper validation of...
ZTE MF286R command execution | CVE-2023-25649
NAME__________ZTE MF286R command executionPlatforms Affected:ZTE MF286R CR_LVWRGBMF286RV1.0.0B04Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ZTE MF286R could allow a remote attacker to execute arbitrary commands...
DedeCMS vote_edit.php cross-site scripting | CVE-2023-40875
NAME__________DedeCMS vote_edit.php cross-site scriptingPlatforms Affected:DedeCMS DedeCMS 5.7.110Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DedeCMS is vulnerable to cross-site scripting, caused by improper validation of...
FV Flowplayer Video Player Plugin for WordPress cross-site scripting | CVE-2023-4520
NAME__________FV Flowplayer Video Player Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress FV Flowplayer Video Player Plugin for WordPress 7.5.37.7212Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting...
DedeCMS freelist_edit.php cross-site scripting | CVE-2023-40877
NAME__________DedeCMS freelist_edit.php cross-site scriptingPlatforms Affected:DedeCMS DedeCMS 5.7.110Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DedeCMS is vulnerable to cross-site scripting, caused by improper validation of...
