[KAIROS] – Ransomware Victim: austinsfs[.]com[.]au
Ransomware Group: KAIROS VICTIM NAME: austinsfscomau NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
OSINT
[AKIRA] – Ransomware Victim: ProCaps Laboratories
Ransomware Group: AKIRA VICTIM NAME: ProCaps Laboratories NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2024-7139
Vulnerability Summary: CVE-2024-7139 Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This...
CVE Alert: CVE-2024-49765
Vulnerability Summary: CVE-2024-49765 Discourse is an open source platform for community discussion. Sites that are using discourse connect but still...
CVE Alert: CVE-2024-52794
Vulnerability Summary: CVE-2024-52794 Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be...
CVE Alert: CVE-2024-52589
Vulnerability Summary: CVE-2024-52589 Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in...
CVE Alert: CVE-2024-53991
Vulnerability Summary: CVE-2024-53991 Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to...
CVE Alert: CVE-2024-12728
Vulnerability Summary: CVE-2024-12728 A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version...
CVE Alert: CVE-2024-54009
Vulnerability Summary: CVE-2024-54009 Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could...
CVE Alert: CVE-2024-12727
Vulnerability Summary: CVE-2024-12727 A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0...
CVE Alert: CVE-2024-12700
Vulnerability Summary: CVE-2024-12700 There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged)...
CVE Alert: CVE-2024-12729
Vulnerability Summary: CVE-2024-12729 A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in...
schenkYOU – 237,349 breached accounts
HIBP In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular...
Young Living Essential Oils – 1,128,951 breached accounts
HIBP In December 2024, data claimed to be breached from the multi-level marketing company Young Living Essential Oils was posted...
BitView – 63,127 breached accounts
HIBP In December 2024, the video sharing Community BitView suffered a data breach that exposed 63k customer records. Attributed to...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization Today, CISA released Enhancing Cyber Resilience:...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers
CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers Today, CISA—in partnership with...
CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...
CISA: CISA Releases New Public Version of CDM Data Model Document
CISA Releases New Public Version of CDM Data Model Document Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Cisco Releases Security Updates for NX-OS Software
Cisco Releases Security Updates for NX-OS Software Cisco released security updates to address a vulnerability in Cisco NX-OS software. A...
