IBM Sterling B2B Integrator denial of service | CVE-2023-32341
NAME__________IBM Sterling B2B Integrator denial of servicePlatforms Affected:IBM Sterling B2B Integrator 6.0.0.0 IBM Sterling B2B Integrator 6.1.0.0 IBM Sterling B2B...
Month: February 2024
Apache bRPC HTTP request smuggling | CVE-2024-23452
NAME__________Apache bRPC HTTP request smugglingPlatforms Affected:Apache bRPC 1.0.0 Apache bRPC 1.1.0 Apache bRPC 1.2.0 Apache bRPC 1.3.0 Apache bRPC 1.4.0...
GitLab security bypass | CVE-2024-6840
NAME__________GitLab security bypassPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...
IBM Engineering Lifecycle Optimization – Publishing session fixation | CVE-2023-45187
NAME__________IBM Engineering Lifecycle Optimization - Publishing session fixationPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk...
GitLab privilege escalation | CVE-2024-1250
NAME__________GitLab privilege escalationPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...
GitLab denial of service | CVE-2024-6386
NAME__________GitLab denial of servicePlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab...
IBM Engineering Lifecycle Optimization HTTP header injection | CVE-2023-45190
NAME__________IBM Engineering Lifecycle Optimization HTTP header injectionPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk Level:5.1Exploitability:UnprovenConsequences:Gain...
Dell EMC AppSync information disclosure | CVE-2024-22464
NAME__________Dell EMC AppSync information disclosurePlatforms Affected:Dell EMC AppSync 4.2.0.0 Dell EMC AppSync 4.6.0.1Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC AppSync could allow...
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall...
Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed...
Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in...
CACTUS Ransomware Victim: https://www[.]parksite[.]com/
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
BianLian Ransomware Victim: Northeast Spine and Sports Medicine’s
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Authentication Bypass Vulnerability in Ivanti Products
Ivanti has released security updates to address a vulnerability (CVE-2024-22024) affecting Connect Secure, Policy Secure, and ZTA gateways. Successful exploitation...
Active Exploitation of Critical Vulnerability in FortiOS
Fortinet has released updates addressing a critical vulnerability (CVE-2024-21762) in FortiOS. The vulnerability has a Common Vulnerability Scoring System (CVSS)...
Fake Lastpass Password Manager Spotted On Apples App Store
LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used...
Data Breaches At Viamedis And Almerys Impact 33 Million In France
Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33...
Android Xloader Malware Can Now Auto Execute After Installation
A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user...
New Fortinet Rce Flaw In Ssl Vpn Likely Exploited In Attacks
Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks....
Ivanti Patch New Connect Secure Auth Bypass Bug Immediately
Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to...
Us Offers 10 Million For Tips On Hive Ransomware Leadership
The U.S. State Department offers rewards of up to $10 million for information that could help locate, identify, or arrest...
Hyundai Motor Europe Hit By Black Basta Ransomware Attack
Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three...
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices...
Critical Manufacturing Vulnerabilities Surge 230% in Six Months
Threat actors are targeting operational technology (OT) and Internet of Things (IoT) environments with increasing sophistication and have a growing...
