OSINT

CVE Alert: CVE-2024-45737

October 15, 2024

Vulnerability Summary: CVE-2024-45737 In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and...

CVE Alert: CVE-2024-45735

October 15, 2024

Vulnerability Summary: CVE-2024-45735 In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform...

CVE Alert: CVE-2024-45736

October 15, 2024

Vulnerability Summary: CVE-2024-45736 In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204,...

CVE Alert: CVE-2024-45738

October 15, 2024

Vulnerability Summary: CVE-2024-45738 In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to...

CVE Alert: CVE-2024-45739

October 15, 2024

Vulnerability Summary: CVE-2024-45739 In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local...

CVE Alert: CVE-2024-45741

October 15, 2024

Vulnerability Summary: CVE-2024-45741 In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205,...

CVE Alert: CVE-2024-47826

October 15, 2024

Vulnerability Summary: CVE-2024-47826 eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to...

CVE Alert: CVE-2024-47767

October 15, 2024

Vulnerability Summary: CVE-2024-47767 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...

CVE Alert: CVE-2024-46980

October 15, 2024

Vulnerability Summary: CVE-2024-46980 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...

CVE Alert: CVE-2024-45740

October 15, 2024

Vulnerability Summary: CVE-2024-45740 In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged...

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

October 15, 2024

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow...

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

October 15, 2024

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates....

Vulnerability Summary: CVE-2024-6207 CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat...

CVE Alert: CVE-2024-46988

October 15, 2024

Vulnerability Summary: CVE-2024-46988 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...

CVE Alert: CVE-2024-47885

October 15, 2024

Vulnerability Summary: CVE-2024-47885 The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0...

CVE Alert: CVE-2024-47831

October 15, 2024

Vulnerability Summary: CVE-2024-47831 Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x...

CVE Alert: CVE-2024-47766

October 15, 2024

Vulnerability Summary: CVE-2024-47766 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...

CVE Alert: CVE-2024-30117

October 15, 2024

Vulnerability Summary: CVE-2024-30117 A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the...

CVE Alert: CVE-2024-35520

October 15, 2024

Vulnerability Summary: CVE-2024-35520 Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter. Affected Endpoints: No affected...

CVE Alert: CVE-2024-35518

October 15, 2024

Vulnerability Summary: CVE-2024-35518 Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. Affected Endpoints: No...

CVE Alert: CVE-2024-48909

October 15, 2024

Vulnerability Summary: CVE-2024-48909 SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version...

CVE Alert: CVE-2024-35519

October 15, 2024

Vulnerability Summary: CVE-2024-35519 Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi...

[PLAY] – Ransomware Victim: OzarksGo

October 15, 2024

Ransomware Group: PLAY VICTIM NAME: OzarksGo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[PLAY] – Ransomware Victim: Concord

October 15, 2024

Ransomware Group: PLAY VICTIM NAME: Concord NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

OSINT

CVE Alert: CVE-2024-45737

CVE Alert: CVE-2024-45735

CVE Alert: CVE-2024-45736

CVE Alert: CVE-2024-45738

CVE Alert: CVE-2024-45739

CVE Alert: CVE-2024-45741

CVE Alert: CVE-2024-47826

CVE Alert: CVE-2024-47767

CVE Alert: CVE-2024-46980

CVE Alert: CVE-2024-45740

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

CVE Alert: CVE-2024-6207

CVE Alert: CVE-2024-46988

CVE Alert: CVE-2024-47885

CVE Alert: CVE-2024-47831

CVE Alert: CVE-2024-47766

CVE Alert: CVE-2024-30117

CVE Alert: CVE-2024-35520

CVE Alert: CVE-2024-35518

CVE Alert: CVE-2024-48909

CVE Alert: CVE-2024-35519

[PLAY] – Ransomware Victim: OzarksGo

[PLAY] – Ransomware Victim: Concord

Red Teaming vs. Blue Teaming in Cyber Security Explored

UK Scam Losses Surge 50% Yearly, Reaching £11.4 Billion

Struggling with Shadow AI: Over a Third of Firms Face Challenges

Aggressive Chinese APT Group Earth Estries Unleashes New Backdoors on Governments

Darknet Services Driving Holiday Scams: Protect Your E-Commerce Business

You may have missed