CVE Alert: CVE-2024-43699
Vulnerability Summary: CVE-2024-43699 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may...
OSINT
CVE Alert: CVE-2024-42417
Vulnerability Summary: CVE-2024-42417 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may...
[KILLSEC] – Ransomware Victim: bbgc[.]gov[.]bd
Ransomware Group: KILLSEC VICTIM NAME: bbgcgovbd NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[HUNTERS] – Ransomware Victim: CobelPlast
Ransomware Group: HUNTERS VICTIM NAME: CobelPlast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 116[.]62[.]70[.]252:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]115[.]74[.]19:10001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-47806
Vulnerability Summary: CVE-2024-47806 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an...
CVE Alert: CVE-2024-47807
Vulnerability Summary: CVE-2024-47807 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an...
CVE Alert: CVE-2024-47612
Vulnerability Summary: CVE-2024-47612 DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically,...
CVE Alert: CVE-2024-47611
Vulnerability Summary: CVE-2024-47611 XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or...
CVE Alert: CVE-2024-33210
Vulnerability Summary: CVE-2024-33210 A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to...
CVE Alert: CVE-2024-20432
Vulnerability Summary: CVE-2024-20432 A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could...
CVE Alert: CVE-2024-20438
Vulnerability Summary: CVE-2024-20438 A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker...
CVE Alert: CVE-2024-20365
Vulnerability Summary: CVE-2024-20365 A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS...
CVE Alert: CVE-2024-9423
Vulnerability Summary: CVE-2024-9423 Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw...
CVE Alert: CVE-2024-20441
Vulnerability Summary: CVE-2024-20441 A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Ivanti Releases Security Update for Cloud Services Appliance
Ivanti Releases Security Update for Cloud Services Appliance Ivanti has released a security update addressing an OS command injection vulnerability...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Analysis of FY23 Risk and Vulnerability Assessments
CISA Releases Analysis of FY23 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: Cisco Releases Security Updates for IOS XR Software
Cisco Releases Security Updates for IOS XR Software Cisco released security updates to address vulnerabilities in Cisco ISO XR software....
CISA: New CISA Plan Aligns Federal Agencies in Cyber Defense
New CISA Plan Aligns Federal Agencies in Cyber Defense Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 17, 2024. These...
