F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
threatintel
A new secret stash for “fileless” malware
In February 2022 we observed the technique of putting the shellcode into Windows event logs for the first time “in...
LockBit 2.0 Ransomware Victim: nizing[.]com[.]tw
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: aref[.]government[.]bg
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: rogz[.]com
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
Cliam – Multi Cloud IAM Permissions Enumeration Tool
Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP Azure Oracle Description Cliam is a simple cloud permissions identifier....
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities in Firefox and...
CISA: F5 Releases Security Advisories Addressing Multiple Vulnerabilities
F5 Releases Security Advisories Addressing Multiple Vulnerabilities F5 has released security advisories on vulnerabilities affecting multiple products, including various versions...
Unfixed vulnerability in popular library puts IoT products at risk
Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform...
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA Adds Five Known Exploited Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
8 security tips for small businesses
Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have...
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked...
Experts linked multiple ransomware strains North Korea-backed APT38 group
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on...
LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP
LDAPFragger is a Command and Control tool that enables attackers to route From network segment A, run LDAPFragger --cshost <Cobalt...
Fake Cyberpunk Ape Executives target artists with malware-laden job offer
The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware,...
An expert shows how to stop popular ransomware samples via DLL hijacking
A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John...
Conti Ransomware Victim: https-www-eypae-co
continews NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG)...
LeakedHandlesFinder – Leaked Windows Processes Handles Identification Tool
Leaked Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download LeakedHandlesFinder If you like the site,...
US-CERT Bulletin (SB22-122):Vulnerability Summary for the Week of April 25, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
State-backed hacking group from China is targeting the Russian military
In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian...
A DNS flaw impacts a library used by millions of IoT devices
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of...
Craft fair vendors targeted by fake event scammers on Facebook
A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It...
