CISA: Citrix Releases Security Updates for NetScaler and Citrix Session Recording
Citrix Releases Security Updates for NetScaler and Citrix Session Recording Citrix released security updates to address multiple vulnerabilities in NetScaler...
Month: November 2024
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber...
CISA: JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games
JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games The Cybersecurity and Infrastructure Security Agency (CISA), through...
CISA: Ivanti Releases Security Updates for Multiple Products
Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti...
CISA: CISA Releases Nineteen Industrial Control Systems Advisories
CISA Releases Nineteen Industrial Control Systems Advisories CISA released nineteen Industrial Control Systems (ICS) advisories on November 14, 2024. These...
CISA: Fortinet Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS....
CISA: Microsoft Releases November 2024 Security Updates
Microsoft Releases November 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: Palo Alto Networks Emphasizes Hardening Guidance
Palo Alto Networks Emphasizes Hardening Guidance Updated November 15, 2024 Palo Alto Networks (PAN) has updated their informational bulletin, noting...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Posh C2 Detected – 176[.]111[.]174[.]138:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CVE Alert: CVE-2024-8856
Vulnerability Summary: CVE-2024-8856 The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads...
CVE Alert: CVE-2024-10614
Vulnerability Summary: CVE-2024-10614 The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing...
CVE Alert: CVE-2024-10645
Vulnerability Summary: CVE-2024-10645 The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’...
CVE Alert: CVE-2024-11094
Vulnerability Summary: CVE-2024-11094 The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to,...
CVE Alert: CVE-2024-10592
Vulnerability Summary: CVE-2024-10592 The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class...
HackerOne Bug Bounty Disclosure: open-redirect-via-x-forwarded-host-ndizon
Company Name: Omise Company HackerOne URL: https://hackerone.com/omise Submitted By:ndizon_Link to Submitters Profile:https://hackerone.com/ndizon_ Report Title:Open redirect Via X-Forwarded-HostReport Link:https://hackerone.com/reports/1479889Date Submitted:17 November...
HackerOne Bug Bounty Disclosure: nextcloud-tables-app-inserting-rows-to-an-arbitrary-table-possible-tuyenee
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:tuyeneeLink to Submitters Profile:https://hackerone.com/tuyenee Report Title:Nextcloud Tables app - inserting rows to...
[RAWORLD] – Ransomware Victim: Gu****me
Ransomware Group: RAWORLD VICTIM NAME: Gu****me NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RAWORLD] – Ransomware Victim: Ge****og
Ransomware Group: RAWORLD VICTIM NAME: Ge****og NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[BLACKSUIT] – Ransomware Victim: hetrhedens[.]nl
Ransomware Group: BLACKSUIT VICTIM NAME: hetrhedensnl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[STORMOUS] – Ransomware Victim: uatf[.]edu[.]bo
Ransomware Group: STORMOUS VICTIM NAME: uatfedubo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[KILLSEC] – Ransomware Victim: Buddy Loan
Ransomware Group: KILLSEC VICTIM NAME: Buddy Loan NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2024-9887
Vulnerability Summary: CVE-2024-9887 The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-52398
Vulnerability Summary: CVE-2024-52398 Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI.This issue affects CDI: from n/a through...