[RHYSIDA] – Ransomware Victim: Avstar Fuel Systems
Ransomware Group: RHYSIDA VICTIM NAME: Avstar Fuel Systems NOTE: No files or stolen information are by RedPacket Security. Any legal...
Month: December 2024
[FUNKSEC] – Ransomware Victim: ibram[.]org[.]br
Ransomware Group: FUNKSEC VICTIM NAME: ibramorgbr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-55057
Vulnerability Summary: CVE-2024-55057 Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access...
CVE Alert: CVE-2024-49819
Vulnerability Summary: CVE-2024-49819 IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to...
CVE Alert: CVE-2024-49820
Vulnerability Summary: CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to...
CVE Alert: CVE-2024-49818
Vulnerability Summary: CVE-2024-49818 IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to...
CVE Alert: CVE-2024-51479
Vulnerability Summary: CVE-2024-51479 Next.js is a React framework for building full-stack web applications. In affected versions if a Next.js application...
CVE Alert: CVE-2024-55056
Vulnerability Summary: CVE-2024-55056 A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php...
CVE Alert: CVE-2023-37940
Vulnerability Summary: CVE-2023-37940 Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87,...
CVE Alert: CVE-2024-52792
Vulnerability Summary: CVE-2024-52792 LDAP Account Manager (LAM) is a php webfrontend for managing entries (e.g. users, groups, DHCP settings) stored...
CVE Alert: CVE-2024-10973
Vulnerability Summary: CVE-2024-10973 A vulnerability was found in Keycloak. The environment option `KC_CACHE_EMBEDDED_MTLS_ENABLED` does not work and the JGroups replication...
CVE Alert: CVE-2024-9779
Vulnerability Summary: CVE-2024-9779 A flaw was found in Open Cluster Management (OCM) when a user has access to the worker...
Guarding Your Pocket: Mastering Mobile Device Security
In our hyper-connected world, mobile devices have become essential to our daily lives, serving as gateways to both personal and...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication
USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication Today, the Cybersecurity and Infrastructure Security Agency (CISA) and...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization Today, CISA released Enhancing Cyber Resilience:...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers
CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers Today, CISA—in partnership with...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...
CISA: CISA Releases New Public Version of CDM Data Model Document
CISA Releases New Public Version of CDM Data Model Document Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an...
