Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of...
OSINT
CVE Alert: CVE-2024-47462
Vulnerability Summary: CVE-2024-47462 An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation...
CVE Alert: CVE-2024-51740
Vulnerability Summary: CVE-2024-51740 Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to...
CVE Alert: CVE-2024-50335
Vulnerability Summary: CVE-2024-50335 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's...
CVE Alert: CVE-2024-10084
Vulnerability Summary: CVE-2024-10084 The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure...
CVE Alert: CVE-2024-7995
Vulnerability Summary: CVE-2024-7995 A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due...
CVE Alert: CVE-2024-47460
Vulnerability Summary: CVE-2024-47460 Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending...
CVE Alert: CVE-2024-42509
Vulnerability Summary: CVE-2024-42509 Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending...
CVE Alert: CVE-2024-47463
Vulnerability Summary: CVE-2024-47463 An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation...
CVE Alert: CVE-2024-47464
Vulnerability Summary: CVE-2024-47464 An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows...
CVE Alert: CVE-2024-47461
Vulnerability Summary: CVE-2024-47461 An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful...
[LYNX] – Ransomware Victim: LmayInteroute agency
Ransomware Group: LYNX VICTIM NAME: LmayInteroute agency NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Altenen – 1,267,701 breached accounts
HIBP In June 2022, the malicious "carding" (referring to credit card fraud) website Altenen suffered a data breach that was...
Dennis Kirk – 1,356,026 breached accounts
HIBP In October 2024, almost 20GB of data containing 1.3M unique email addresses from motorcycle supplies store Dennis Kirk was...
CISA: Avoid Scams After Disaster Strikes
Avoid Scams After Disaster Strikes As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for...
CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations
CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations Today, CISA...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...
CISA: CISA Releases Twenty-One Industrial Control Systems Advisories
CISA Releases Twenty-One Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on October 10, 2024. These...
CISA: Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM) Today, CISA published the Framing Software Component Transparency, created...