Industry Coalition Calls For Enhanced Network Resilience
A new industry group of big-name vendors has launched with a mission to improve network and hardware resilience worldwide.Coordinated by...
Year: 2023
Education Sector Has Highest Share of Ransomware Victims
The education sector recorded a higher share of ransomware victims than any other in 2022, according to a new report...
Group-IB Founder Sentenced in Russia to 14 Years for Treason
The Moscow City Court has sentenced Ilya Sachkov, the founder of cybersecurity provider Group-IB, to 14 years in prison for...
VMware Patches Vulnerability Exposing Admin Credentials
VMware addressed a vulnerability on Tuesday that impacts its Tanzu Application Service for VMs and Isolation Segment products. The flaw, tracked as CVE-2023-20891, poses...
Repeatable VEC Attacks Target Critical Infrastructure
The threat of vendor email compromise (VEC) attacks has escalated, with recent data showing a sharp increase in such cyber-threats. According...
Dark Web Markets Offer New FraudGPT AI Tool
Cybersecurity experts have identified a new AI tool called “FraudGPT,” circulating on the Dark Web and Telegram channels since July 22 2023. FraudGPT...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078
Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
BreachForums – 212,156 breached accounts
HIBP In November 2022, the well-known hacking forum "BreachForums" was itself, breached. Later the following year, the operator of the...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
HackerOne Bug Bounty Disclosure: b-csrf-in-seller-us-tiktok-com-profile-account-setting-delegation-login-b-eye
Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'eye_'Link to Submitters Profile:https://hackerone.com/b'eye_' Report Title:b'CSRF in seller-us.tiktok.com/profile/account-setting/delegation-login 'Report Link:https://hackerone.com/reports/2002352Date Submitted:26 July...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
Akira Ransomware Victim: Becht Engineering
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: selmi[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
GNOME librsvg directory traversal | CVE-2023-38633
NAME__________GNOME librsvg directory traversalPlatforms Affected:GNOME librsvg 2.56.2Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GNOME librsvg could allow a remote attacker to traverse directories on...
Weaver e-cology SQL injection | CVE-2023-3793
NAME__________Weaver e-cology SQL injectionPlatforms Affected:Weaver e-cology 10.57Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Weaver e-cology is vulnerable to SQL injection. A remote attacker could...
