Cobalt Strike Beacon Detected – 156[.]224[.]21[.]105:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
[RANSOMHUB] – Ransomware Victim: bartleycorp[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: bartleycorpcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-43428
Vulnerability Summary: CVE-2024-43428 To address a cache poisoning risk in Moodle, additional validation for local storage was required. Affected Endpoints:...
CVE Alert: CVE-2024-43431
Vulnerability Summary: CVE-2024-43431 A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a...
CVE Alert: CVE-2024-8442
Vulnerability Summary: CVE-2024-8442 The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for...
CVE Alert: CVE-2024-24914
Vulnerability Summary: CVE-2024-24914 Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security...
CVE Alert: CVE-2024-51504
Vulnerability Summary: CVE-2024-51504 When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing --...
CVE Alert: CVE-2024-43436
Vulnerability Summary: CVE-2024-43436 A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. Affected...
CVE Alert: CVE-2024-43440
Vulnerability Summary: CVE-2024-43440 A flaw was found in moodle. A local file may include risks when restoring block backups. Affected...
CVE Alert: CVE-2024-43438
Vulnerability Summary: CVE-2024-43438 A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message...
CVE Alert: CVE-2024-43425
Vulnerability Summary: CVE-2024-43425 A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk...
CVE Alert: CVE-2024-43426
Vulnerability Summary: CVE-2024-43426 A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary...
[RANSOMHUB] – Ransomware Victim: interlabel[.]be
Ransomware Group: RANSOMHUB VICTIM NAME: interlabelbe NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[APT73] – Ransomware Victim: liftkits4less[.]com
Ransomware Group: APT73 VICTIM NAME: liftkits4lesscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[APT73] – Ransomware Victim: www[.]lamaisonducitron[.]com
Ransomware Group: APT73 VICTIM NAME: wwwlamaisonducitroncom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: del-electric[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: del-electriccom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[APT73] – Ransomware Victim: www[.]baldinger-ag[.]ch
Ransomware Group: APT73 VICTIM NAME: wwwbaldinger-agch NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[MEDUSA] – Ransomware Victim: Marisa S[.]A
Ransomware Group: MEDUSA VICTIM NAME: Marisa SA NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications,...
IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools
High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and...
CVE Alert: CVE-2024-8378
Vulnerability Summary: CVE-2024-8378 The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that...
CVE Alert: CVE-2024-10965
Vulnerability Summary: CVE-2024-10965 A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability...
CVE Alert: CVE-2024-43434
Vulnerability Summary: CVE-2024-43434 The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check,...
CVE Alert: CVE-2024-9926
Vulnerability Summary: CVE-2024-9926 The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any...
