Cobalt Strike Beacon Detected – 119[.]3[.]218[.]60:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2024
Cobalt Strike Beacon Detected – 49[.]232[.]90[.]121:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 34[.]55[.]187[.]149:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[INTERLOCK] – Ransomware Victim: Winnebago Public School Foundation
Ransomware Group: INTERLOCK VICTIM NAME: Winnebago Public School Foundation NOTE: No files or stolen information are by RedPacket Security. Any...
5 Most Common Malware Techniques in 2024
Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more...
A Hacker’s Guide to Password Cracking
Defending your organization's security is like fortifying a castleβyou need to understand where attackers will strike and how they'll try...
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys...
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the...
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads...
CVE Alert: CVE-2024-20531
Vulnerability Summary: CVE-2024-20531 A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary...
CVE Alert: CVE-2024-20538
Vulnerability Summary: CVE-2024-20538 A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to...
CVE Alert: CVE-2024-20540
Vulnerability Summary: CVE-2024-20540 A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) could...
CVE Alert: CVE-2024-20537
Vulnerability Summary: CVE-2024-20537 A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to...
CVE Alert: CVE-2024-20539
Vulnerability Summary: CVE-2024-20539 A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to...
CVE Alert: CVE-2024-20536
Vulnerability Summary: CVE-2024-20536 A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller...
CVE Alert: CVE-2024-51751
Vulnerability Summary: CVE-2024-51751 Gradio is an open-source Python package designed to enable quick builds of a demo or web application....
CVE Alert: CVE-2024-50637
Vulnerability Summary: CVE-2024-50637 UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. ΒΆΒΆ...
CVE Alert: CVE-2024-51988
Vulnerability Summary: CVE-2024-51988 RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the...
CVE Alert: CVE-2024-51754
Vulnerability Summary: CVE-2024-51754 Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an...
[MEDUSA] – Ransomware Victim: Jomar Electrical Contractors
Ransomware Group: MEDUSA VICTIM NAME: Jomar Electrical Contractors NOTE: No files or stolen information are by RedPacket Security. Any legal...
[MEDUSA] – Ransomware Victim: Howell Electric Inc
Ransomware Group: MEDUSA VICTIM NAME: Howell Electric Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...
[INCRANSOM] – Ransomware Victim: ucv[.]es
Ransomware Group: INCRANSOM VICTIM NAME: ucves NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but...
Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that...