CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
OSINT
CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024
Oracle Releases Quarterly Critical Patch Update Advisory for October 2024 Oracle released its quarterly Critical Patch Update Advisory for October...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CVE Alert: CVE-2024-50311
Vulnerability Summary: CVE-2024-50311 A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the...
CVE Alert: CVE-2024-26271
Vulnerability Summary: CVE-2024-26271 Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and...
CVE Alert: CVE-2024-43173
Vulnerability Summary: CVE-2024-43173 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
CVE Alert: CVE-2024-26272
Vulnerability Summary: CVE-2024-26272 Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and...
CVE Alert: CVE-2024-26273
Vulnerability Summary: CVE-2024-26273 Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4.0 through 7.4.3.103, and...
CVE Alert: CVE-2024-8980
Vulnerability Summary: CVE-2024-8980 The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA...
CVE Alert: CVE-2024-38002
Vulnerability Summary: CVE-2024-38002 The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through...
CVE Alert: CVE-2022-23861
Vulnerability Summary: CVE-2022-23861 Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in...
CVE Alert: CVE-2024-43177
Vulnerability Summary: CVE-2024-43177 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
CVE Alert: CVE-2022-23862
Vulnerability Summary: CVE-2022-23862 A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX...
[MEOW] – Ransomware Victim: By Design LLC
Ransomware Group: MEOW VICTIM NAME: By Design LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
[INTERLOCK] – Ransomware Victim: Wayne County
Ransomware Group: INTERLOCK VICTIM NAME: Wayne County NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection
New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass...
[FOG] – Ransomware Victim: Goshen Central School District (gcsny[.]org)
Ransomware Group: FOG VICTIM NAME: Goshen Central School District (gcsnyorg) NOTE: No files or stolen information are by RedPacket Security....
[FOG] – Ransomware Victim: Mar-Bal (mar-bal[.]com)
Ransomware Group: FOG VICTIM NAME: Mar-Bal (mar-balcom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[MEOW] – Ransomware Victim: Youngs Timber Builders Merchants
Ransomware Group: MEOW VICTIM NAME: Youngs Timber Builders Merchants NOTE: No files or stolen information are by RedPacket Security. Any...
Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name...
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity...
CVE Alert: CVE-2024-47819
Vulnerability Summary: CVE-2024-47819 Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in...
CVE Alert: CVE-2024-49373
Vulnerability Summary: CVE-2024-49373 No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1,...
CVE Alert: CVE-2024-46240
Vulnerability Summary: CVE-2024-46240 Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact...
