[PLAY] – Ransomware Victim: McCody
Ransomware Group: PLAY VICTIM NAME: McCody NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
OSINT
Cobalt Strike Beacon Detected – 104[.]248[.]57[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 35[.]233[.]91[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]130[.]107[.]126:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 139[.]159[.]148[.]68:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 113[.]44[.]66[.]107:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-49312
Vulnerability Summary: CVE-2024-49312 Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.7....
CVE Alert: CVE-2024-49314
Vulnerability Summary: CVE-2024-49314 Unrestricted Upload of File with Dangerous Type vulnerability in 酱茄 JiangQie Free Mini Program allows Upload a...
CVE Alert: CVE-2024-49313
Vulnerability Summary: CVE-2024-49313 Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte Wall Post allows Stored XSS.This issue affects VKontakte Wall...
CVE Alert: CVE-2024-49291
Vulnerability Summary: CVE-2024-49291 Unrestricted Upload of File with Dangerous Type vulnerability in Gora Tech LLC Cooked Pro.This issue affects Cooked...
CVE Alert: CVE-2024-49317
Vulnerability Summary: CVE-2024-49317 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ZIPANG...
CVE Alert: CVE-2024-10100
Vulnerability Summary: CVE-2024-10100 A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of...
CVE Alert: CVE-2024-49322
Vulnerability Summary: CVE-2024-49322 Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress allows Privilege Escalation.This issue affects Job...
CVE Alert: CVE-2024-10099
Vulnerability Summary: CVE-2024-10099 A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs...
CVE Alert: CVE-2024-49318
Vulnerability Summary: CVE-2024-49318 Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object Injection.This issue affects My...
CVE Alert: CVE-2024-10101
Vulnerability Summary: CVE-2024-10101 A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs at the /file...
CISA: Cisco Releases Security Updates for IOS and IOS XE Software
Cisco Releases Security Updates for IOS and IOS XE Software Cisco released its September 2024 Semiannual Cisco IOS and IOS...
CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor
Citrix Releases Security Updates for XenServer and Citrix Hypervisor Citrix released security updates to address multiple vulnerabilities in XenServer and...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on September 24, 2024. These...
CISA: CISA Warns of Hurricane-Related Scams
CISA Warns of Hurricane-Related Scams As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber...
CISA: Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means
Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means CISA continues to respond to active exploitation of internet-accessible operational technology...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on September 26, 2024. These...
CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises Today, the Australian...