threatintel

main 4

Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

October 23, 2024

Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name...

exploit

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

October 23, 2024

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity...

CVE Alert: CVE-2024-46240

October 23, 2024

Vulnerability Summary: CVE-2024-46240 Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact...

CVE Alert: CVE-2024-48605

October 23, 2024

Vulnerability Summary: CVE-2024-48605 An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the...

CVE Alert: CVE-2024-48925

October 23, 2024

Vulnerability Summary: CVE-2024-48925 Umbraco, a free and open source .NET content management system, has an improper access control issue starting...

CVE Alert: CVE-2024-47819

October 23, 2024

Vulnerability Summary: CVE-2024-47819 Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in...

CVE Alert: CVE-2024-49373

October 23, 2024

Vulnerability Summary: CVE-2024-49373 No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1,...

CVE Alert: CVE-2024-45518

October 23, 2024

Vulnerability Summary: CVE-2024-45518 An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch...

CVE Alert: CVE-2024-48926

October 23, 2024

Vulnerability Summary: CVE-2024-48926 Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in...

CVE Alert: CVE-2024-48927

October 23, 2024

Vulnerability Summary: CVE-2024-48927 Umbraco, a free and open source .NET content management system, has a remote code execution issue in...

CVE Alert: CVE-2024-48929

October 23, 2024

Vulnerability Summary: CVE-2024-48929 Umbraco is a free and open source .NET content management system. In versions on the 13.x branch...

CVE Alert: CVE-2024-46538

October 23, 2024

Vulnerability Summary: CVE-2024-46538 A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML...

[MEOW] – Ransomware Victim: KEE Process

October 23, 2024

Ransomware Group: MEOW VICTIM NAME: KEE Process NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Cobalt Strike

Cobalt Strike Beacon Detected – 39[.]100[.]104[.]125:443

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Strike Beacon Detected – 8[.]152[.]211[.]31:4444

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Strike Beacon Detected – 141[.]98[.]10[.]70:8888

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Strike Beacon Detected – 185[.]196[.]10[.]176:443

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Strike Beacon Detected – 118[.]25[.]85[.]104:4443

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Strike Beacon Detected – 150[.]158[.]49[.]95:443

October 23, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[RHYSIDA] – Ransomware Victim: Easterseals

October 23, 2024

Ransomware Group: RHYSIDA VICTIM NAME: Easterseals NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: elnamagnetics[.]com

October 23, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: elnamagneticscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[LYNX] – Ransomware Victim: Tricon Energy

October 23, 2024

Ransomware Group: LYNX VICTIM NAME: Tricon Energy NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

lockbit

Ransomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest Attacks

October 23, 2024

Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed...

main 3

Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks

October 23, 2024

It may come as a surprise to learn that 34% of security practitioners are in the dark about how many...

[SPACEBEARS] – Ransomware Victim: MENZIES CNAC (Jardine Aviation Services)

November 1, 2024

webinar

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

November 1, 2024

CVE Alert: CVE-2024-10594

November 1, 2024

CVE Alert: CVE-2024-10596

November 1, 2024

CVE Alert: CVE-2024-10597

November 1, 2024