CVE Alert: CVE-2024-41595
Vulnerability Summary: CVE-2024-41595 DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of...
CVE Alert: CVE-2024-47762
Vulnerability Summary: CVE-2024-47762 Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example...
CVE Alert: CVE-2024-7826
Vulnerability Summary: CVE-2024-7826 Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM,...
[DRAGONFORCE] – Ransomware Victim: Lyomark Pharma
Ransomware Group: DRAGONFORCE VICTIM NAME: Lyomark Pharma NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[CICADA3301] – Ransomware Victim: Conductive Containers, Inc
Ransomware Group: CICADA3301 VICTIM NAME: Conductive Containers, Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2024-41589
Vulnerability Summary: CVE-2024-41589 DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests. Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-41583
Vulnerability Summary: CVE-2024-41583 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due...
CVE Alert: CVE-2024-41586
Vulnerability Summary: CVE-2024-41586 A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute...
CVE Alert: CVE-2024-41592
Vulnerability Summary: CVE-2024-41592 DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles...
CVE Alert: CVE-2024-41584
Vulnerability Summary: CVE-2024-41584 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation...
CVE Alert: CVE-2024-43699
Vulnerability Summary: CVE-2024-43699 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may...
CVE Alert: CVE-2024-45367
Vulnerability Summary: CVE-2024-45367 The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead...
CVE Alert: CVE-2024-41925
Vulnerability Summary: CVE-2024-41925 The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user...
CVE Alert: CVE-2024-9266
Vulnerability Summary: CVE-2024-9266 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the...
CVE Alert: CVE-2024-42417
Vulnerability Summary: CVE-2024-42417 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may...
[KILLSEC] – Ransomware Victim: bbgc[.]gov[.]bd
Ransomware Group: KILLSEC VICTIM NAME: bbgcgovbd NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Unlocking the Secrets of Cryptographic Protocols
Cryptographic protocols lie at the heart of securing communications in our increasingly digital world. From online banking to secure messaging...
Phishing Attacks Surge: Attackers Bypass Security Measures with New Tactics
Phishing attacks are on the rise, with a remarkable 28% increase observed in Q2 2024 compared to the previous quarter....
FIN7 Gang Exploits AI Deepfake Sites to Spread Malware
The FIN7 gang is exploiting AI deepfake sites to deceive users into downloading malware, according to a recent report by...
Crypto-Doubling Scams Exploit Recent Presidential Debate Insights
In the wake of the recent presidential debate, a concerning rise in crypto-doubling scams has emerged, as security researchers alert...
Litespeed Cache Plugin Vulnerability: Immediate Update Required to Prevent XSS Attack
A recently discovered vulnerability in the Litespeed Cache plugin poses serious security risks, allowing attackers to execute unauthorized actions on...
CeranaKeeper: A Growing Cyber Threat to Thai Government Networks
CeranaKeeper has been discovered as a significant threat group targeting Thai government institutions. This newly identified faction engages in sophisticated...
Cybersecurity Spending Increases, Yet Leaders Still Report Vulnerability
Despite an increase in cybersecurity budgets, many security leaders feel vulnerable in the evolving threat landscape, according to Red Canary's...
Northern Ireland Police Data Leak Results in £750,000 Fine from ICO
The recent data leak involving the Police Service of Northern Ireland has raised significant concerns regarding procedural failings that exposed...
