CVE Alert: CVE-2024-3656
Vulnerability Summary: CVE-2024-3656 A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to...
Month: October 2024
CVE Alert: CVE-2024-47815
Vulnerability Summary: CVE-2024-47815 IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a...
CVE Alert: CVE-2024-47828
Vulnerability Summary: CVE-2024-47828 ampache is a web based audio/video streaming application and file manager. A CSRF attack can be performed...
[UNDERGROUND] – Ransomware Victim: Casio Computer Co[.], Ltd
Ransomware Group: UNDERGROUND VICTIM NAME: Casio Computer Co, Ltd NOTE: No files or stolen information are by RedPacket Security. Any...
[HANDALA] – Ransomware Victim: Doscast
Ransomware Group: HANDALA VICTIM NAME: Doscast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Mozilla Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition...
CVE Alert: CVE-2024-30118
Vulnerability Summary: CVE-2024-30118 HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive...
CVE Alert: CVE-2024-39515
Vulnerability Summary: CVE-2024-39515 An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks...
CVE Alert: CVE-2024-38815
Vulnerability Summary: CVE-2024-38815 VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a...
CVE Alert: CVE-2024-39525
Vulnerability Summary: CVE-2024-39525 An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos...
CVE Alert: CVE-2024-39516
Vulnerability Summary: CVE-2024-39516 An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos...
CVE Alert: CVE-2024-38817
Vulnerability Summary: CVE-2024-38817 Mware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI...
CVE Alert: CVE-2024-7037
Vulnerability Summary: CVE-2024-7037 In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due...
CVE Alert: CVE-2024-38818
Vulnerability Summary: CVE-2024-38818 VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to...
CVE Alert: CVE-2024-7041
Vulnerability Summary: CVE-2024-7041 An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the...
CVE Alert: CVE-2024-8264
Vulnerability Summary: CVE-2024-8264 Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the...
[FLOCKER] – Ransomware Victim: K***N Corp
Ransomware Group: FLOCKER VICTIM NAME: K***N Corp NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
October Patch Tuesday: Microsoft Addresses Five Zero-Day Vulnerabilities
In October's Patch Tuesday update, Microsoft has effectively mitigated two zero-day vulnerabilities under active exploitation and three publicly reported issues,...
EU Launches New Body for Centralized Complaints Against Facebook, TikTok, and YouTube
Social media users across the EU will soon benefit from a streamlined way to address grievances regarding content moderation on...
Ivanti Urges Immediate Update: Three Critical CSA Zero-Day Vulnerabilities Exploited
Ivanti recently warned its Cloud Services Appliance (CSA) customers to update their systems immediately due to three critical zero-day vulnerabilities...
BeaverTail Malware Targets Job Seekers: Protect Yourself from Fake Recruiters
BeaverTail malware is a new threat targeting job seekers, specifically those in the tech industry, by exploiting fake recruiters. A...
Australia’s First Standalone Cybersecurity Law: What You Need to Know
Australia's new standalone cybersecurity law addresses the growing need for enhanced protection against cyber threats, ensuring the safety of citizens...
Spurring Cybersecurity Careers: UK Launches Exciting New Competition
The UK government is encouraging young individuals to explore cybersecurity careers through a new competition aimed at honing their skills....
iPhone Mirroring Flaw Impacts Employee Privacy: Key Concerns and Solutions
The new iPhone mirroring feature presents significant employee privacy risks, as identified in Apple's recent software updates. This flaw affects...
