Ongoing Malware Campaign Targeting WordPress Websites
There are reports of an ongoing malware campaign, Sign1, targeting WordPress sites. The campaign entails attackers gaining access to WordPress...
Month: March 2024
CACTUS Ransomware Victim: https://contenderboats[.]com/
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Free Vpn Apps On Google Play Turned Android Phones Into Proxies
Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices...
Germany Warns Of 17k Vulnerable Microsoft Exchange Servers Exposed Online
The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed...
Hackers Exploit Ray Framework Flaw To Breach Servers Hijack Resources
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing...
Themoon Malware Infects 6 000 Asus Routers In 72 Hours For Proxy Service
A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO)...
Finland Confirms Apt31 Hackers Behind 2021 Parliament Breach
Image: Midjourney The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State...
700 Cybercrime Software Turns Raspberry Pi Into An Evasive Fraud Tool
Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into...
SwordFantasy – 2,690,657 breached accounts
HIBP In January 2019, the now defunct MMO and RPG game SwordFantasy suffered a data breach that exposed 2.7M unique...
CISA: CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity
CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity Today, CISA, the National Security...
CISA: CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques
CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques Today, CISA, the Federal Bureau of Investigation...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 19, 2024. These...
CISA: Repository for Software Attestation and Artifacts Now Live
Repository for Software Attestation and Artifacts Now Live Software producers who partner with the federal government can now upload their...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These...
CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities Today, CISA and the...
CISA: Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry
Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry Ivanti has released security advisories to address vulnerabilities in...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of March 18, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
HackerOne Bug Bounty Disclosure: creation-of-bounties-through-customer-api-leads-to-private-email-disclosure–verw-tch
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0verw4tchLink to Submitters Profile:https://hackerone.com/0verw4tch Report Title:Creation of bounties through Customer API leads...
HackerOne Bug Bounty Disclosure: view-any-user-email-using-the-team-s-audit-log-section–verw-tch
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0verw4tchLink to Submitters Profile:https://hackerone.com/0verw4tch Report Title:View any user email using the Team's...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...