Month: March 2024

TinyMCE cross-site scripting | CVE-2024-29881

March 31, 2024

NAME__________TinyMCE cross-site scriptingPlatforms Affected:TinyMCE TinyMCE 6.8.0Risk Level:4.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

JetBrains TeamCity security bypass | CVE-2024-31134

March 31, 2024

NAME__________JetBrains TeamCity security bypassPlatforms Affected:JetBrains TeamCityRisk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________JetBrains TeamCity could allow a remote authenticated attacker to bypass security restrictions,...

JetBrains TeamCity open redirect | CVE-2024-31135

March 31, 2024

NAME__________JetBrains TeamCity open redirectPlatforms Affected:JetBrains TeamCityRisk Level:6.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________JetBrains TeamCity could allow a remote attacker to conduct phishing attacks, caused...

JetBrains TeamCity security bypass | CVE-2024-31136

March 31, 2024

NAME__________JetBrains TeamCity security bypassPlatforms Affected:JetBrains TeamCityRisk Level:7.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________JetBrains TeamCity could allow a remote attacker to bypass security restrictions, caused...

Apache Fineract SQL injection | CVE-2024-23538

March 31, 2024

NAME__________Apache Fineract SQL injectionPlatforms Affected:Apache Fineract 1.8.4Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Apache Fineract is vulnerable to SQL injection. A remote attacker could...

JetBrains TeamCity cross-site scripting | CVE-2024-31138

March 31, 2024

NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:JetBrains TeamCityRisk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of...

Apache Fineract privilege escalation | CVE-2024-23537

March 31, 2024

NAME__________Apache Fineract privilege escalationPlatforms Affected:Apache Fineract 1.8.4Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Apache Fineract could allow a remote authenticated attacker to gain elevated...

Apache Fineract SQL injection | CVE-2024-23539

March 31, 2024

JetBrains TeamCity cross-site scripting | CVE-2024-31137

March 31, 2024

NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:JetBrains TeamCityRisk Level:6.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of...

BianLian Ransomware Victim: Pavilion Construction LLC

March 31, 2024

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

a8a6dc8656ab91be33d8592f5a9a39720e4558f93bcb061dce8793f1969e76e4

Atandt Confirms Data For 73 Million Customers Leaked On Hacker Forum

March 31, 2024

AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially...

Vultur Banking Malware For Android Poses As Mcafee Security App

March 31, 2024

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities...

CISA

CISA: CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques

March 31, 2024

CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques Today, CISA, the Federal Bureau of Investigation...

CISA

CISA: CISA Releases One Industrial Control Systems Advisory

March 31, 2024

CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These...

CISA

CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

March 31, 2024

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities Today, CISA and the...

CISA

CISA: Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry

March 31, 2024

Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry Ivanti has released security advisories to address vulnerabilities in...

CISA

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

March 31, 2024

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

March 31, 2024

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

March 31, 2024

CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These...

CISA

CISA: Apple Released Security Updates for Safari and macOS

March 31, 2024

Apple Released Security Updates for Safari and macOS Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS....

CISA

CISA: Cisco Releases Security Updates for Multiple Products

March 31, 2024

Cisco Releases Security Updates for Multiple Products Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and...

CISA

Month: March 2024

TinyMCE cross-site scripting | CVE-2024-29881

JetBrains TeamCity security bypass | CVE-2024-31134

JetBrains TeamCity open redirect | CVE-2024-31135

JetBrains TeamCity security bypass | CVE-2024-31136

Apache Fineract SQL injection | CVE-2024-23538

JetBrains TeamCity cross-site scripting | CVE-2024-31138

Apache Fineract privilege escalation | CVE-2024-23537

Apache Fineract SQL injection | CVE-2024-23539

JetBrains TeamCity cross-site scripting | CVE-2024-31137

BianLian Ransomware Victim: Pavilion Construction LLC

Atandt Confirms Data For 73 Million Customers Leaked On Hacker Forum

Vultur Banking Malware For Android Poses As Mcafee Security App

CISA: CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

CISA: Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Apple Released Security Updates for Safari and macOS

CISA: Cisco Releases Security Updates for Multiple Products

CISA: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

Play Ransomware Victim: W?????? ????????y

Akira Ransomware Victim: Control Technology

[HUNTERS] – Ransomware Victim: Amourgis & Associates

[HUNTERS] – Ransomware Victim: Dietzgen Corporation

Cobalt Strike Beacon Detected – 156[.]238[.]227[.]43:80

Cobalt Strike Beacon Detected – 8[.]134[.]166[.]14:443

Cobalt Strike Beacon Detected – 123[.]57[.]209[.]214:1234

You may have missed