CVE Alert: CVE-2024-45102
Vulnerability Summary: CVE-2024-45102 A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA user to escalate their...
Month: January 2025
CVE Alert: CVE-2024-47605
Vulnerability Summary: CVE-2024-47605 silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked...
CVE Alert: CVE-2024-10254
Vulnerability Summary: CVE-2024-10254 A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that...
[RANSOMHUB] – Ransomware Victim: www[.]eurocert[.]pl
Ransomware Group: RANSOMHUB VICTIM NAME: wwweurocertpl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Mastering Identity and Access Management for Cybersecurity
In today's digital world, effective identity and access management (IAM) is more crucial than ever. Organizations must safeguard sensitive information...
Nominet Breach: UK Registry Impacted by Ivanti Zero-Day Vulnerability
The Nominet breach highlights the risks associated with third-party VPN services, particularly due to a recent Ivanti zero-day vulnerability. The...
Critical Infrastructure Must Assess Product Security in Procurement Processes
Critical infrastructure organizations are being prompted to scrutinize the security of operational technology (OT) products during their procurement processes. Critical...
Manchester Law Firm Files Lawsuit Against Google and Microsoft Over AI Data Misuse
A Manchester law firm is spearheading a lawsuit involving 15,000 individuals against Google and Microsoft, alleging significant breaches of data...
Cyber Hygiene Adoption Surge Leads to Sharp Drop in Remediation Times
Cyber hygiene practices are crucial for enhancing remediation times in critical national infrastructure, as highlighted by the latest CISA report....
UK Proposes Ban on Ransomware Payments to Protect Public Sector
The UK government is taking a significant step by proposing a ban on ransomware payments made by public sector organizations,...
Surge in Browser-Based Cyber-Threats: A Shift from Email Malware
In 2024, browser-based cyber-threats have drastically increased, indicating a new direction in cybercrime tactics as traditional email malware declines. Browser-based...
New AI Rule Strengthens US Technology Security Measures
The Biden-Harris Administration has established a crucial new Interim Final Rule on Artificial Intelligence Diffusion to safeguard US national security...
[KAIROS] – Ransomware Victim: jgele[.]com
Ransomware Group: KAIROS VICTIM NAME: jgelecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CISA: CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update
CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update Today, CISA—through the Joint Cyber Defense Collaborative and...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector
CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector Today, CISA and the Environmental...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services
CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on December 17, 2024. These...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure
CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure Today, CISA and the Office...
CISA: CISA Releases Best Practice Guidance for Mobile Communications
CISA Releases Best Practice Guidance for Mobile Communications Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
