Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has...
Month: January 2024
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ...
CISA: Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway
Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549)...
CISA: Incident Response Guide for the WWS Sector
Incident Response Guide for the WWS Sector Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency...
CISA: VMware Releases Security Advisory for Aria Automation
VMware Releases Security Advisory for Aria Automation VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Automation....
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Oracle Releases Critical Patch Update Advisory for January 2024
Oracle Releases Critical Patch Update Advisory for January 2024 Oracle released its Critical Patch Update Advisory for January 2024 to...
CISA: Atlassian Releases Security Updates for Multiple Products
Atlassian Releases Security Updates for Multiple Products Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These...
CISA: Drupal Releases Security Advisory for Drupal Core
Drupal Releases Security Advisory for Drupal Core Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions....
CISA: CISA Issues Emergency Directive on Ivanti Vulnerabilities
CISA Issues Emergency Directive on Ivanti Vulnerabilities CISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti...
BlackCat/ALPHV Ransomware Victim: Busse & Busee, PC Attorneys at Law
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Worthen Industries [You have three days]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
DllNotificationInjection – A POC Of A New “Threadless” Process Injection Technique That Works By Utilizing The Concept Of DLL Notification Callbacks In Local And Remote Processes
DllNotificationInection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification...
Play Ransomware Victim: TPG Architecture
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
TianoCore EDK II information disclosure | US-CERT VU#132380
NAME__________TianoCore EDK II information disclosurePlatforms Affected:Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________TianoCore EDK II could allow a remote attacker to obtain sensitive information,...
TianoCore EDK II denial of service | US-CERT VU#132380
NAME__________TianoCore EDK II denial of servicePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________TianoCore EDK II is vulnerable to a denial...
Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20945
NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 21.3.8 Oracle GraalVM Enterprise...
Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20932
NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 22.3.2 Oracle GraalVM Enterprise...
Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20926
NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 22.3.2 Oracle GraalVM Enterprise...
Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20919
NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 21.3.8 Oracle GraalVM Enterprise...
Oracle Complex Maintenance, Repair, and Overhaul unspecified | CVE-2024-20942
NAME__________Oracle Complex Maintenance, Repair, and Overhaul unspecifiedPlatforms Affected:Oracle Complex Maintenance Repair and Overhaul 12.1 Oracle Complex Maintenance Repair and Overhaul...
TianoCore EDK II denial of service | US-CERT VU#132380
NAME__________TianoCore EDK II denial of servicePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________TianoCore EDK II is vulnerable to a denial...
