Russia Spies on Kyiv Defenses via Hacked Cameras Before Missile Strikes
Russian intelligence hacked online surveillance cameras to spy on air defense activities and critical infrastructure in Kyiv ahead of recent...
Month: January 2024
Over 100 European Banks Face Cyber Resilience Test
Over 100 European banks will be tested on their cyber-attack response and recovery capabilities this year, the European Central Bank...
Fake and Stolen X Gold Accounts Flood Dark Web
A surge of fake or stolen X (Twitter) Gold accounts has been flooding marketplaces and forums both on the surface...
CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates
CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...
CISA: FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware
FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware Today, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These...
CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool
CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool CISA has published the finalized Microsoft 365 Secure Configuration Baselines,...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
RansomwareSim – A Simulated Ransomware
Overview RansomwareSim is a simulated ransomware application developed for educational and training purposes. It is designed to demonstrate how ransomware...
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and...
Play Ransomware Victim: Madison Capital & WPM & The Time Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security...
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed...
mUPnP for C denial of service | CVE-2023-52152
NAME__________mUPnP for C denial of servicePlatforms Affected:mUPnP mUPnP 3.0.2Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________mUPnP for C is vulnerable to...
Winter CMS cross-site scripting | CVE-2023-52083
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
Winter CMS local file include | CVE-2023-52085
NAME__________Winter CMS local file includePlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Winter CMS could allow a remote authenticated attacker...
Winter CMS cross-site scripting | CVE-2023-52084
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
MOXA OnCell G3150A-LTE Series security bypass | CVE-2023-6093
NAME__________MOXA OnCell G3150A-LTE Series security bypassPlatforms Affected:MOXA OnCell G3150A-LTE Series 1.3Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________MOXA OnCell G3150A-LTE Series could allow a...
Cloudflare Miniflare server-side request forgery | CVE-2023-7078
NAME__________Cloudflare Miniflare server-side request forgeryPlatforms Affected:Cloudflare Miniflare 3.20231030.1Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cloudflare Miniflare is vulnerable to server-side request forgery, caused by...
