OSINT

CVE Alert: CVE-2024-46304

October 10, 2024

Vulnerability Summary: CVE-2024-46304 A Buffer Overflow vulnerability in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial...

CVE Alert: CVE-2024-46316

October 10, 2024

Vulnerability Summary: CVE-2024-46316 DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the sub_2C920 function at /cgi-bin/mainfunction.cgi....

CVE Alert: CVE-2024-8048

October 10, 2024

Vulnerability Summary: CVE-2024-8048 In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using...

CVE Alert: CVE-2024-8015

October 10, 2024

Vulnerability Summary: CVE-2024-8015 In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is...

CVE Alert: CVE-2024-9671

October 10, 2024

Vulnerability Summary: CVE-2024-9671 A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of...

[RANSOMHUB] – Ransomware Victim: medexhco[.]com

October 10, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: medexhcocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[MEOW] – Ransomware Victim: Barnes Cohen and Sullivan

October 10, 2024

Ransomware Group: MEOW VICTIM NAME: Barnes Cohen and Sullivan NOTE: No files or stolen information are by RedPacket Security. Any...

[MEOW] – Ransomware Victim: La Futura

October 10, 2024

Ransomware Group: MEOW VICTIM NAME: La Futura NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Cobalt Strike Beacon Detected – 38[.]147[.]172[.]45:6667

October 10, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 91[.]186[.]211[.]102:8888

October 10, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 117[.]72[.]83[.]32:80

October 10, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[MEOW] – Ransomware Victim: Atlantic Coast Consulting Inc

October 10, 2024

Ransomware Group: MEOW VICTIM NAME: Atlantic Coast Consulting Inc NOTE: No files or stolen information are by RedPacket Security. Any...

[HUNTERS] – Ransomware Victim: Glacier

October 10, 2024

Ransomware Group: HUNTERS VICTIM NAME: Glacier NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-47763

October 10, 2024

Vulnerability Summary: CVE-2024-47763 Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack...

CVE Alert: CVE-2024-47812

October 10, 2024

Vulnerability Summary: CVE-2024-47812 ImportDump is an extension for mediawiki designed to automate user import requests. Anyone who can edit the...

CVE Alert: CVE-2024-47813

October 10, 2024

Vulnerability Summary: CVE-2024-47813 Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type...

CVE Alert: CVE-2024-43610

October 10, 2024

Vulnerability Summary: CVE-2024-43610 Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view...

CVE Alert: CVE-2024-46292

October 10, 2024

Vulnerability Summary: CVE-2024-46292 A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a...

CVE Alert: CVE-2024-3656

October 10, 2024

Vulnerability Summary: CVE-2024-3656 A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to...

CVE Alert: CVE-2024-7038

October 10, 2024

Vulnerability Summary: CVE-2024-7038 An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model...

CVE Alert: CVE-2024-47816

October 10, 2024

Vulnerability Summary: CVE-2024-47816 ImportDump is a mediawiki extension designed to automate user import requests. A user's local actor ID is...

CVE Alert: CVE-2024-47828

October 10, 2024

Vulnerability Summary: CVE-2024-47828 ampache is a web based audio/video streaming application and file manager. A CSRF attack can be performed...

CVE Alert: CVE-2024-47815

October 10, 2024

Vulnerability Summary: CVE-2024-47815 IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a...

[HANDALA] – Ransomware Victim: Doscast

October 10, 2024

Ransomware Group: HANDALA VICTIM NAME: Doscast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

OSINT

CVE Alert: CVE-2024-46304

CVE Alert: CVE-2024-46316

CVE Alert: CVE-2024-8048

CVE Alert: CVE-2024-8015

CVE Alert: CVE-2024-9671

[RANSOMHUB] – Ransomware Victim: medexhco[.]com

[MEOW] – Ransomware Victim: Barnes Cohen and Sullivan

[MEOW] – Ransomware Victim: La Futura

Cobalt Strike Beacon Detected – 38[.]147[.]172[.]45:6667

Cobalt Strike Beacon Detected – 91[.]186[.]211[.]102:8888

Cobalt Strike Beacon Detected – 117[.]72[.]83[.]32:80

[MEOW] – Ransomware Victim: Atlantic Coast Consulting Inc

[HUNTERS] – Ransomware Victim: Glacier

CVE Alert: CVE-2024-47763

CVE Alert: CVE-2024-47812

CVE Alert: CVE-2024-47813

CVE Alert: CVE-2024-43610

CVE Alert: CVE-2024-46292

CVE Alert: CVE-2024-3656

CVE Alert: CVE-2024-7038

CVE Alert: CVE-2024-47816

CVE Alert: CVE-2024-47828

CVE Alert: CVE-2024-47815

[HANDALA] – Ransomware Victim: Doscast

[FOG] – Ransomware Victim: Gruber Tool & Die (grubertool[.]com)

[LOCKBIT3] – Ransomware Victim: habeshacement[.]com

[RANSOMHUB] – Ransomware Victim: gronercrm[.]com[.]br

[FOG] – Ransomware Victim: Signal Health Washington (signalhealthwa[.]com)

[RANSOMHUB] – Ransomware Victim: wheelerassoc[.]com

You may have missed