U.S. Government Agencies’ Emails Compromised in China-Backed Cyber Attack
An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to...
Year: 2023
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner,...
Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments
Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations,...
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products
SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply...
NOESCAPE Ransomware Victim: Innodis Group
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Ransomware payments on record-breaking trajectory for 2023
Image: Bing Create Data from the first half of the year indicates that ransomware activity is on track to break...
Microsoft: Chinese hackers breached US govt Exchange email accounts
A Chinese hacking group has breached the email accounts of more than two dozen organizations worldwide, including U.S. and Western...
Fortinet warns of critical RCE flaw in FortiOS, FortiProxy devices
Fortinet has disclosed a critical severity flaw impacting FortiOS and FortiProxy, allowing a remote attacker to perform arbitrary code execution...
New PyLoose Linux malware mines crypto directly from memory
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining....
SonicWall warns admins to patch critical auth bypass bugs immediately
SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company's Global Management System (GMS) firewall management and...
Critical RCE found in popular Ghostscript open-source PDF library
Image: Bing Create Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found...
GitHub goes passwordless, announces passkeys beta preview
GitHub announced today the introduction of passwordless authentication support in public beta, allowing users to upgrade from security keys to...
Russian state hackers lure Western diplomats with BMW car ads
The Russian state-sponsored hacking group 'APT29' (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice...
CISA: Adobe Releases Security Updates for ColdFusion and InDesign
Adobe Releases Security Updates for ColdFusion and InDesign Adobe has released security updates to address vulnerabilities affecting ColdFusion(link is external) and...
CISA: Fortinet Releases Security Update for FortiOS and FortiProxy
Fortinet Releases Security Update for FortiOS and FortiProxy Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308)...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Five Known Vulnerabilities to Catalog
CISA Adds Five Known Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities Progress Software has released a Service Pack to address three newly...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Critical Industrial Control Systems (ICS) advisory on July 12, 2023....
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 11, 2023. These...
CISA: Mozilla Releases Security Update for Firefox and Firefox ESR
Mozilla Releases Security Update for Firefox and Firefox ESR Mozilla has released a security update to address a vulnerability in...
CISA: Microsoft Releases July 2023 Security Updates
Microsoft Releases July 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online The Cybersecurity and Infrastructure...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
