CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on September 26, 2024. These...
Month: October 2024
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CovenantC2 Detected – 154[.]44[.]10[.]197:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
[QILIN] – Ransomware Victim: United Animal Health
Ransomware Group: QILIN VICTIM NAME: United Animal Health NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2024-8456
Vulnerability Summary: CVE-2024-8456 Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing...
CVE Alert: CVE-2024-42496
Vulnerability Summary: CVE-2024-42496 Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password....
CVE Alert: CVE-2024-41999
Vulnerability Summary: CVE-2024-41999 Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability...
CVE Alert: CVE-2024-45200
Vulnerability Summary: CVE-2024-45200 In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker...
CVE Alert: CVE-2024-8455
Vulnerability Summary: CVE-2024-8455 The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models,...
CVE Alert: CVE-2024-8457
Vulnerability Summary: CVE-2024-8457 Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters,...
CVE Alert: CVE-2024-8459
Vulnerability Summary: CVE-2024-8459 Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing...
CVE Alert: CVE-2024-8453
Vulnerability Summary: CVE-2024-8453 Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being...
CVE Alert: CVE-2024-8454
Vulnerability Summary: CVE-2024-8454 The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have...
CVE Alert: CVE-2024-8458
Vulnerability Summary: CVE-2024-8458 Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery...
[NITROGEN] – Ransomware Victim: Labib Funk Associates
Ransomware Group: NITROGEN VICTIM NAME: Labib Funk Associates NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Cascade Columbia Distribution
Ransomware Group: AKIRA VICTIM NAME: Cascade Columbia Distribution NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: ShoreMaster
Ransomware Group: AKIRA VICTIM NAME: ShoreMaster NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[NITROGEN] – Ransomware Victim: Akromold
Ransomware Group: NITROGEN VICTIM NAME: Akromold NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[NITROGEN] – Ransomware Victim: Research Electronics International
Ransomware Group: NITROGEN VICTIM NAME: Research Electronics International NOTE: No files or stolen information are by RedPacket Security. Any legal...
HackerOne Bug Bounty Disclosure: the-initial-e-ee-password-generated-by-rocket-chat-mobile-can-be-recovered-in-a-practical-timescale-h
Company Name: Rocket.Chat Company HackerOne URL: https://hackerone.com/rocket_chat Submitted By:h0011Link to Submitters Profile:https://hackerone.com/h0011 Report Title:The initial E2EE password generated by RocketChat...
HackerOne Bug Bounty Disclosure: posts-sent-via-websockets-aren-t-sanitized-properly-c-rydoras
Company Name: Mattermost Company HackerOne URL: https://hackerone.com/mattermost Submitted By:c0rydorasLink to Submitters Profile:https://hackerone.com/c0rydoras Report Title:Posts sent via websockets aren't sanitized properlyReport...
HackerOne Bug Bounty Disclosure: idor-exposes-all-machine-learning-models-moblig
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:mobligLink to Submitters Profile:https://hackerone.com/moblig Report Title:IDOR Exposes All Machine Learning ModelsReport Link:https://hackerone.com/reports/2528293Date...
HackerOne Bug Bounty Disclosure: xss-when-using-translate-in-action-controller-rails-ooooooo-q
Company Name: Ruby on Rails Company HackerOne URL: https://hackerone.com/rails Submitted By:ooooooo_qLink to Submitters Profile:https://hackerone.com/ooooooo_q Report Title:XSS when using `translate` in...
