CVE Alert: CVE-2024-56140
Vulnerability Summary: CVE-2024-56140 Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware...
OSINT
CVE Alert: CVE-2024-53271
Vulnerability Summary: CVE-2024-53271 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1...
CVE Alert: CVE-2024-53269
Vulnerability Summary: CVE-2024-53269 Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy...
CVE Alert: CVE-2024-53270
Vulnerability Summary: CVE-2024-53270 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active...
[CLOP] – Ransomware Victim: IMSPLGROUP[.]COM
Ransomware Group: CLOP VICTIM NAME: IMSPLGROUPCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CLOP] – Ransomware Victim: EMPRESARIA[.]COM
Ransomware Group: CLOP VICTIM NAME: EMPRESARIACOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FUNKSEC] – Ransomware Victim: agti[.]eng[.]br
Ransomware Group: FUNKSEC VICTIM NAME: agtiengbr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FUNKSEC] – Ransomware Victim: web[.]vaips[.]cl
Ransomware Group: FUNKSEC VICTIM NAME: webvaipscl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[ABYSS] – Ransomware Victim: bataviacontainer[.]com
Ransomware Group: ABYSS VICTIM NAME: bataviacontainercom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2022-40733
Vulnerability Summary: CVE-2022-40733 An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows...
CVE Alert: CVE-2024-41138
Vulnerability Summary: CVE-2024-41138 A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094...
CVE Alert: CVE-2022-40732
Vulnerability Summary: CVE-2022-40732 An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows...
CVE Alert: CVE-2024-41145
Vulnerability Summary: CVE-2024-41145 A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094...
CVE Alert: CVE-2024-39804
Vulnerability Summary: CVE-2024-39804 A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage...
CVE Alert: CVE-2024-42004
Vulnerability Summary: CVE-2024-42004 A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted...
CVE Alert: CVE-2024-41159
Vulnerability Summary: CVE-2024-41159 A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage...
CVE Alert: CVE-2024-43106
Vulnerability Summary: CVE-2024-43106 A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage...
CVE Alert: CVE-2024-41165
Vulnerability Summary: CVE-2024-41165 A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage...
CVE Alert: CVE-2024-42220
Vulnerability Summary: CVE-2024-42220 A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage...
[LOCKBIT3] – Ransomware Victim: lockbit4[.]com
Ransomware Group: LOCKBIT3 VICTIM NAME: lockbit4com NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA: CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization Today, CISA released Enhancing Cyber Resilience:...
