Month: January 2024

CISA

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

January 8, 2024

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

January 8, 2024

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These...

CISA

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

January 8, 2024

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

PPLBlade – Protected Process Dumper Tool

January 7, 2024

Protected Process Dumper Tool that support obfuscating memory dump and transferring it on remote workstations without dropping it onto the...

Apktool directory traversal | CVE-2024-21633

January 7, 2024

NAME__________Apktool directory traversalPlatforms Affected:Apktool Apktool 2.9.1Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apktool could allow a remote attacker to traverse directories on the system,...

BianLian Ransomware Victim: AMCO Proteins

January 7, 2024

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cyber Security Tip of the Week: Security Information and Event Management – A Defensive Approach

January 7, 2024

<h1>Cyber Security Tip of the Week: Security Information and Event Management – A Defensive Approach</h1> <p>In an online world wrought...

CISA

CISA: CISA Releases Two Industrial Control Systems Advisories

January 7, 2024

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These...

CISA

CISA: Apple Releases Security Updates for Multiple Products

January 7, 2024

Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and...

CISA

CISA: CISA Releases Seven Industrial Control Systems Advisories

January 7, 2024

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...

CISA

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

January 7, 2024

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...

CISA

CISA: Mozilla Releases Security Updates for Firefox and Thunderbird

January 7, 2024

Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....

CISA

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

January 7, 2024

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: Juniper Releases Security Advisory for Juniper Secure Analytics

January 7, 2024

Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

January 7, 2024

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These...

CISA

CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

January 7, 2024

CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool CISA has published the finalized Microsoft 365 Secure Configuration Baselines,...

CISA

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

January 7, 2024

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

badef2eea0c50e6d797fc97a0c2b0865f73e10c7ea5fe8fcf657c08f7d80e7f6

Valid8Proxy – Tool Designed For Fetching, Validating, And Storing Working Proxies

January 6, 2024

Valid8Proxy is a versatile and user-friendly tool designed for fetching, validating, and storing working proxies. Whether you need proxies for...

Play Ransomware Victim: Televerde

January 6, 2024

Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

WebinarIgnition Plugin for WordPress SQL injection | CVE-2023-51423

January 6, 2024

NAME__________WebinarIgnition Plugin for WordPress SQL injectionPlatforms Affected:WordPress webinar-ignition Plugin for WordPress 3.05.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________WebinarIgnition Plugin for WordPress is vulnerable...

S-CMS member/reg.php SQL injection | CVE-2023-7191

January 6, 2024

NAME__________S-CMS member/reg.php SQL injectionPlatforms Affected:S-CMS S-CMS 2.0_build20220529-20231006Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________S-CMS is vulnerable to SQL injection. A remote authenticated attacker could...

Apache Axis server-side request forgery | CVE-2023-51441

January 6, 2024

NAME__________Apache Axis server-side request forgeryPlatforms Affected:Apache Axis 1.3Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Axis is vulnerable to server-side request forgery, caused by...

Inductive Automation Ignition code execution | CVE-2023-50220

January 6, 2024

NAME__________Inductive Automation Ignition code executionPlatforms Affected:Inductive Automation Ignition 8.1.34Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Inductive Automation Ignition could allow a remote authenticated attacker...

RRJ Nueva Ecija Engineer Online Portal information disclosure | CVE-2024-0191

January 6, 2024

NAME__________ RRJ Nueva Ecija Engineer Online Portal information disclosurePlatforms Affected:RRJ Nueva Ecija Engineer Online Portal 1.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________RRJ Nueva...

Month: January 2024

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

PPLBlade – Protected Process Dumper Tool

Apktool directory traversal | CVE-2024-21633

BianLian Ransomware Victim: AMCO Proteins

Cyber Security Tip of the Week: Security Information and Event Management – A Defensive Approach

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: Apple Releases Security Updates for Multiple Products

CISA: CISA Releases Seven Industrial Control Systems Advisories

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

CISA: Mozilla Releases Security Updates for Firefox and Thunderbird

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: Juniper Releases Security Advisory for Juniper Secure Analytics

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Valid8Proxy – Tool Designed For Fetching, Validating, And Storing Working Proxies

Play Ransomware Victim: Televerde

WebinarIgnition Plugin for WordPress SQL injection | CVE-2023-51423

S-CMS member/reg.php SQL injection | CVE-2023-7191

Apache Axis server-side request forgery | CVE-2023-51441

Inductive Automation Ignition code execution | CVE-2023-50220

RRJ Nueva Ecija Engineer Online Portal information disclosure | CVE-2024-0191

[RANSOMHUB] – Ransomware Victim: blr[.]com

HackerOne Bug Bounty Disclosure: std-process-command-batch-files-argument-escaping-could-be-bypassed-with-trailing-whitespace-or-periods–xpl-r-r

[LOCKBIT3] – Ransomware Victim: madison-home[.]com

[CHORT] – Ransomware Victim: sheboyganwi[.]gov

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

You may have missed