Consumer lender TMX discloses data breach impacting 4.8 million people
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data...
Year: 2023
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV...
Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs
Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites....
Sundry Files – 274,461 breached accounts
HIBP In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique...
Leaked Reality – 114,907 breached accounts
HIBP In January 2022, the now defunct uncensored video website Leaked Reality suffered a data breach that exposed 115k unique...
US-CERT Vulnerability Summary for the Week of March 20, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Daily Threat Intelligence – March 31 – 2023
Email inboxes of NATO, diplomats, and government and military officials are being targeted by an APT group whose operations appear...
Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as...
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response
Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize...
3CX Supply Chain Attack — Here’s What We Know So Far
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are...
LockBit 3.0 Ransomware Victim: okcu[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: groupe-seche[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: statravel[.]de
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hacla[.]org [part 2]
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: theus-industries[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
lambdaisland/uri security bypass | CVE-2023-28628
NAME__________lambdaisland/uri security bypassPlatforms Affected:lambdaisland/uri lambdaisland/uri 1.13.95Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________lambdaisland/uri could allow a remote attacker to bypass security restrictions, caused by...
WordPress Ping Optimizer Plugin for WordPress cross-site request forgery | CVE-2022-30705
NAME__________WordPress Ping Optimizer Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WordPress Ping Optimizer Plugin for WordPress 2.35.1.2.3Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WordPress...
IEEE 802.11 spoofing | CVE-2022-47522
NAME__________IEEE 802.11 spoofingPlatforms Affected:IEEE 802.11Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IEEE 802.11 could allow a remote attacker to conduct spoofing attacks, caused by...
Apple macOS Ventura, iOS and iPadOS information disclosure | CVE-2023-23527
NAME__________Apple macOS Ventura, iOS and iPadOS information disclosurePlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information...
Apple macOS Ventura, iOS and iPadOS security bypass | CVE-2023-23532
NAME__________Apple macOS Ventura, iOS and iPadOS security bypassPlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:7.7Exploitability:UnprovenConsequences:Bypass Security...
RouterOS denial of service | CVE-2023-24094
NAME__________RouterOS denial of servicePlatforms Affected:Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________RouterOS is vulnerable to a denial of service, caused by...
Apple macOS Ventura, iOS and iPadOS security bypass | CVE-2023-27932
NAME__________Apple macOS Ventura, iOS and iPadOS security bypassPlatforms Affected:Apple macOS Ventura 13.2 Apple iOS 16.3 Apple iPadOS 16.3Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security...
Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie Networks RG-EW3200GX PRO command execution | CVE-2023-27796
NAME__________Ruijie Networks RG-EW1200G PRO, Ruijie Networks RG-EW1800GX PRO, and Ruijie Networks RG-EW3200GX PRO command executionPlatforms Affected:Risk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access...
