BlackCat/ALPHV Ransomware Victim: Allan Berger & Associates
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Month: February 2024
CISA: CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities
CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities Today, CISA and...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware
CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State...
2024 State Of Ransomware In Education 92 Spike In K 12 Attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malicious Ads For Restricted Messaging Applications Target Chinese Users
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram...
Nitrogen Shelling Malware From Hacked Sites
Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its...
Ransomware In 2023 Recap 5 Key Takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
Ransomware Review February 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Stopping A Targeted Attack On A Managed Service Provider Msp With Threatdown Mdr
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign...
Akira Ransomware Victim: DTN Management Compa ny
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Dark Angel Victim: Supply Technologies LLC
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
medikoo es5-ext denial of service | CVE-2024-27088
NAME__________medikoo es5-ext denial of servicePlatforms Affected:medikoo es5-ext 0.10.0 medikoo es5-ext 0.10.62Risk Level:0Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________medikoo es5-ext is vulnerable to a...
WithSecure products denial of service | CVE-2024-27359
NAME__________WithSecure products denial of servicePlatforms Affected:WithSecure Client Security 15 WithSecure Server Security 15 WithSecure Email and Server Security 15 WithSecure...
ESPHome code execution | CVE-2024-27081
NAME__________ESPHome code executionPlatforms Affected:ESPHome ESPHome 2023.12.9 ESPHome ESPHome 2024.2.0Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ESPHome could allow a remote authenticated attacker to execute...
MLflow cross-site scripting | CVE-2024-27132
NAME__________MLflow cross-site scriptingPlatforms Affected:MLflow Project MLflow 2.9.1 MLflow Project MLflow 2.9.2Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MLflow is vulnerable to cross-site scripting, caused...
Kirby cross-site scripting | CVE-2024-27087
NAME__________Kirby cross-site scriptingPlatforms Affected:Kirby Kirby 4.0.0 Kirby Kirby 4.1.0Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Kirby is vulnerable to cross-site scripting, caused by improper...
Hoppscotch open redirect | CVE-2024-27092
NAME__________Hoppscotch open redirectPlatforms Affected:Hoppscotch Hoppscotch 2023.12.5Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Hoppscotch could allow a remote authenticated attacker to conduct phishing attacks, caused by...
Minder denial of service | CVE-2024-27093
NAME__________Minder denial of servicePlatforms Affected:Stacklok Minder 0.0.31 Stacklok Minder 0.0.30 Stacklok Minder 0.0.29Risk Level:4.6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Minder is vulnerable to...
HPE Aruba ClearPass Policy Manager command execution | CVE-2024-26298
NAME__________HPE Aruba ClearPass Policy Manager command executionPlatforms Affected:HPE Aruba ClearPass Policy Manager 6.9 HPE Aruba ClearPass Policy Manager 6.10 HPE...
HPE Aruba ClearPass Policy Manager information disclosure | CVE-2024-26302
NAME__________HPE Aruba ClearPass Policy Manager information disclosurePlatforms Affected:HPE Aruba ClearPass Policy Manager 6.9 HPE Aruba ClearPass Policy Manager 6.10 HPE...
