US-CERT Vulnerability Summary for the Week of July 8, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Month: July 2024
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories...
HackerOne Bug Bounty Disclosure: permission-model-improperly-processes-unc-paths-tniessen
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:tniessenLink to Submitters Profile:https://hackerone.com/tniessen Report Title:Permission model improperly processes UNC pathsReport Link:https://hackerone.com/reports/2079103Date...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Black Basta Ransomware Victim: usdermpartners[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: thompsoncreek[.]com_wa
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: atos[.]com
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool
A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect...
10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought,...
New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new...
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes...
BianLian Ransomware Victim: Texas Alcohol & Drug Testing Service
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Weekly Cyber Security Tip: Mastering Forensic Analysis
For this week's cyber security tip, we delve into a crucial aspect of responding to cyber threats: forensic analysis. Forensic...
Exim Security Restriction Bypass Vulnerability
A vulnerability was identified in Exim, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note:Proof...
Cisco Products Remote Code Execution Vulnerability
A vulnerability has been identified in Cisco Products, a remote user can exploit this vulnerability to trigger elevation of privilege...
CISA: Microsoft Releases July 2024 Security Updates
Microsoft Releases July 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40
CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40 CISA has collaborated with the...
CISA: Citrix Releases Security Updates for Multiple Products
Citrix Releases Security Updates for Multiple Products Citrix released security updates to address vulnerabilities in multiple Citrix products. A cyber...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities
CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities Today, CISA and FBI are releasing...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 9, 2024. These...
CISA: CISA Releases Twenty-one Industrial Control Systems Advisories
CISA Releases Twenty-one Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These...
CISA: CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth
CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth Today, CISA released...
