CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM) Today, CISA published the Framing Software Component Transparency, created...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These...
CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024
Oracle Releases Quarterly Critical Patch Update Advisory for October 2024 Oracle released its quarterly Critical Patch Update Advisory for October...
CISA: CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force
CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force Today,...
CISA: CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment
CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment Today, the Cybersecurity and Infrastructure Security...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on October 17, 2024. These...
CVE Alert: CVE-2024-49260
Vulnerability Summary: CVE-2024-49260 Unrestricted Upload of File with Dangerous Type vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery...
CVE Alert: CVE-2024-49252
Vulnerability Summary: CVE-2024-49252 : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Teplitsa of social technologies...
CVE Alert: CVE-2024-49270
Vulnerability Summary: CVE-2024-49270 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HashThemes Smart Blocks...
CVE Alert: CVE-2024-49251
Vulnerability Summary: CVE-2024-49251 : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in...
CVE Alert: CVE-2024-49245
Vulnerability Summary: CVE-2024-49245 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ahime Ahime Image Printer.This...
CVE Alert: CVE-2024-49258
Vulnerability Summary: CVE-2024-49258 Path Traversal: '.../...//' vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery.This issue affects WordPress Gallery...
CVE Alert: CVE-2024-49254
Vulnerability Summary: CVE-2024-49254 Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code Injection.This issue affects ajax-extend:...
CVE Alert: CVE-2024-47139
Vulnerability Summary: CVE-2024-47139 A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ Configuration utility that...
CVE Alert: CVE-2024-9893
Vulnerability Summary: CVE-2024-9893 The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all versions up...
CVE Alert: CVE-2024-48744
Vulnerability Summary: CVE-2024-48744 A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management...
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian...
HackerOne Bug Bounty Disclosure: circular-based-introspetion-query-leading-to-single-request-denial-of-service-and-cost-consumption-and-query-cost-on-api-sorare-com-graphql-thebeast
Company Name: Sorare Company HackerOne URL: https://hackerone.com/sorare Submitted By:thebeast99Link to Submitters Profile:https://hackerone.com/thebeast99 Report Title:Circular based introspetion Query leading to single...
[RANSOMHUB] – Ransomware Victim: www[.]aristoiclassical[.]org
Ransomware Group: RANSOMHUB VICTIM NAME: wwwaristoiclassicalorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]kersey[.]net
Ransomware Group: RANSOMHUB VICTIM NAME: wwwkerseynet NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]camelotservices[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: wwwcamelotservicescom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
