“TicTacToe Dropper” Malware Distribution Tactics Revealed
A recent study conducted by the FortiGuard team has shed light on a sophisticated malware distribution strategy observed throughout 2023. In...
Month: February 2024
Microsoft, OpenAI Confirm Nation-States are Weaponizing Generative AI in Cyber-Attacks
Nation-state threat actors are making use of generative AI tools, including large language models (LLMs) like ChatGPT, in their cyber...
Prudential Financial Faces Cybersecurity Breach
Prudential Financial has disclosed a cybersecurity breach. Detected on February 5 2024, the breach involved unauthorized access to certain company systems.In...
CISA: ISC Releases Security Advisories for BIND 9
ISC Releases Security Advisories for BIND 9 The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple...
CISA: Microsoft Releases Security Updates for Multiple Products
Microsoft Releases Security Updates for Multiple Products Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat...
CISA: Priorities of the Joint Cyber Defense Collaborative for 2024
Priorities of the Joint Cyber Defense Collaborative for 2024 Today, CISA—on behalf of the collective group of industry and government...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on February 13, 2024. These...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address vulnerabilities in Adobe software. A cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization
CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization Today, CISA and the Multi-State Information...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Seventeen Industrial Control Systems Advisories
CISA Releases Seventeen Industrial Control Systems Advisories CISA released seventeen Industrial Control Systems (ICS) advisories on February 15, 2024. These...
BlackCat/ALPHV Ransomware Victim: ASA Electronics [2[.]7 TB]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Rush Energy Services Inc [Time’s up]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
CISA: CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization
CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization Today, CISA and the Multi-State Information...
CISA: CISA Releases Seventeen Industrial Control Systems Advisories
CISA Releases Seventeen Industrial Control Systems Advisories CISA released seventeen Industrial Control Systems (ICS) advisories on February 15, 2024. These...
HackerOne Bug Bounty Disclosure: -ssrf-my-stripo-email-via-the-setup-wizard-parameter-deb-con
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title: mystripoemail via the setup-wizard parameterReport...
HackerOne Bug Bounty Disclosure: -demo-stripo-email-http-request-smuggling-deb-con
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:deb0conLink to Submitters Profile:https://hackerone.com/deb0con Report Title:stripoemail] HTTP request SmugglingReport Link:https://hackerone.com/reports/1631228Date Submitted:15...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-disclosure-in-a-disclosed-api-key-disclosure-report-on-stripo-sankalpa
Company Name: Stripo Inc Company HackerOne URL: https://hackerone.com/stripo Submitted By:sankalpa_1337Link to Submitters Profile:https://hackerone.com/sankalpa_1337 Report Title:Non-revoked API Key Disclosure in a...
HackerOne Bug Bounty Disclosure: multiple-permission-model-bypasses-due-to-improper-path-traversal-sequence-sanitization-xion
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:xionLink to Submitters Profile:https://hackerone.com/xion Report Title:Multiple permission model bypasses due to improper...
HackerOne Bug Bounty Disclosure: path-traversal-by-monkey-patching-buffer-internals-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Path traversal by monkey-patching Buffer internalsReport Link:https://hackerone.com/reports/2218653Date...
HackerOne Bug Bounty Disclosure: improper-handling-of-wildcards-in-allow-fs-read-and-allow-fs-write-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Improper handling of wildcards in --allow-fs-read and...
HackerOne Bug Bounty Disclosure: code-injection-and-privilege-escalation-through-linux-capabilities-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Code injection and privilege escalation through Linux...
