[RHYSIDA] – Ransomware Victim: Daughterly Care
Ransomware Group: RHYSIDA VICTIM NAME: Daughterly Care NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
OSINT
Cobalt Strike Beacon Detected – 118[.]25[.]177[.]108:1234
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 8[.]217[.]222[.]41:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 84[.]247[.]176[.]194:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 111[.]230[.]25[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]242[.]1[.]120:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]153[.]228[.]97:8880
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 156[.]238[.]238[.]145:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]115[.]171[.]100:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber...
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now...
Ukraine Bans Telegram Use for Government and Military Personnel
Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical...
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in...
Passwordless AND Keyless: The Future of (Privileged) Access Management
In IT environments, some secrets are managed well and some fly under the radar. Here's a quick checklist of what...
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen...
[QILIN] – Ransomware Victim: Woodard , Hernandez , Roth & Day
Ransomware Group: QILIN VICTIM NAME: Woodard , Hernandez , Roth & Day NOTE: No files or stolen information are by...
[RANSOMHUB] – Ransomware Victim: savannahcandy[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: savannahcandycom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: Acho[.]io
Ransomware Group: RANSOMHUB VICTIM NAME: Achoio NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-6785
Vulnerability Summary: CVE-2024-6785 The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify...
CVE Alert: CVE-2024-6787
Vulnerability Summary: CVE-2024-6787 This vulnerability occurs when an attacker exploits a race condition between the time a file is checked...
CVE Alert: CVE-2024-6786
Vulnerability Summary: CVE-2024-6786 The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them...
CVE Alert: CVE-2024-8680
Vulnerability Summary: CVE-2024-8680 The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings...
CVE Alert: CVE-2024-9048
Vulnerability Summary: CVE-2024-9048 A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected...
CVE Alert: CVE-2024-9075
Vulnerability Summary: CVE-2024-9075 A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as problematic. This...
