Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Month: February 2024
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Ransomware In 2023 Recap 5 Key Takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Medusa Locker Ransomware Victim: Penn Cinema
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: The Professional Liability Fund
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Southwest Industrial Sales
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: JS International
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
SourceCodester Employee Management System SQL injection | CVE-2024-1877
NAME__________SourceCodester Employee Management System SQL injectionPlatforms Affected:SourceCodester Employee Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SourceCodester Employee Management System is vulnerable to...
SourceCodester Employee Management System cross-site scripting | CVE-2024-1871
NAME__________SourceCodester Employee Management System cross-site scriptingPlatforms Affected:SourceCodester Employee Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SourceCodester Employee Management System is vulnerable to...
Eclipse Jetty denial of service | CVE-2024-22201
NAME__________Eclipse Jetty denial of servicePlatforms Affected:Eclipse Jetty 9.3.0 Eclipse Jetty 10.0.0 Eclipse Jetty 11.0.0 Eclipse Jetty 12.0.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service...
SourceCodester Employee Management System SQL injection | CVE-2024-1878
NAME__________SourceCodester Employee Management System SQL injectionPlatforms Affected:SourceCodester Employee Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SourceCodester Employee Management System is vulnerable to...
Image Source Control Plugin for WordPress information disclosure | CVE-2023-52187
NAME__________Image Source Control Plugin for WordPress information disclosurePlatforms Affected:WordPress Image Source Control Plugin for WordPress 2.17.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Image Source...
baserCMS cross-site scripting | CVE-2023-44379
NAME__________baserCMS cross-site scriptingPlatforms Affected:baserproject baserCMS 5.0.8Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________baserCMS is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Mitsubishi Electric MELSEC iQ-F devices denial of service | CVE-2023-7033
NAME__________Mitsubishi Electric MELSEC iQ-F devices denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mitsubishi Electric MELSEC iQ-F devices are vulnerable to...
Complaint Management System file upload | CVE-2024-1875
NAME__________Complaint Management System file uploadPlatforms Affected:Complaint Management System Complaint Management System 1.0Risk Level:4.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Complaint Management System could allow a...
XenSource Xen denial of service | CVE-2023-46841
NAME__________XenSource Xen denial of servicePlatforms Affected:XenSource Xen 4.14 XenSource Xen 5.5.0 XenSource Xen 4.15 Xensource Xen 4.16 XenSource Xen 4.17Risk...
Apache Ambari information disclosure | CVE-2023-50380
NAME__________Apache Ambari information disclosurePlatforms Affected:Apache Ambari 2.7.0 Apache Ambari 2.7.7Risk Level:6.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Apache Ambari could allow a remote authenticated attacker...
Apache Aurora information disclosure | CVE-2024-27905
NAME__________Apache Aurora information disclosurePlatforms Affected:Apache Aurora 0.5.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Aurora could allow a remote attacker to obtain sensitive information,...
IBM InfoSphere Information Server cross-site scripting | CVE-2023-50303
NAME__________IBM InfoSphere Information Server cross-site scriptingPlatforms Affected:IBM InfoSphere Information Server 11.7Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM InfoSphere Information Server 11.7 is vulnerable...
VMware Workstation and Fusion information disclosure | CVE-2024-22251
NAME__________VMware Workstation and Fusion information disclosurePlatforms Affected:VMware Fusion 13 VMware Workstation 17Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________VMware Workstation and Fusion could allow...
Apache James Mime4J security bypass | CVE-2024-21742
NAME__________Apache James Mime4J security bypassPlatforms Affected:Apache James Mime4J 0.8.9Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache James Mime4J could allow a remote attacker to...
Apache James SMTP smuggling | CVE-2023-51747
NAME__________Apache James SMTP smugglingPlatforms Affected:Apache James 3.7.4 Apache James 3.8.0Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache James is vulnerable to SMTP smuggling, caused...
Sante DICOM Viewer Pro code execution | CVE-2024-1453
NAME__________Sante DICOM Viewer Pro code executionPlatforms Affected:Santesoft Sante DICOM Viewer Pro 14.0.3 Santesoft Sante DICOM Viewer Pro 14.0.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access...
