threatintel

CVE Alert: CVE-2024-56057

December 19, 2024

Vulnerability Summary: CVE-2024-56057 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

Read More

CVE Alert: CVE-2024-56055

December 19, 2024

Vulnerability Summary: CVE-2024-56055 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2....

Read More

CVE Alert: CVE-2024-56048

December 19, 2024

Vulnerability Summary: CVE-2024-56048 Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS:...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 47[.]238[.]103[.]180:54322

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 92[.]118[.]170[.]81:54322

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 124[.]222[.]164[.]43:6667

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 101[.]200[.]193[.]211:443

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 147[.]45[.]47[.]88:4433

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 101[.]35[.]228[.]105:443

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 120[.]46[.]212[.]33:81

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

PoshC2Logo

Posh C2 Detected – 185[.]147[.]124[.]104:443

December 19, 2024

The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...

Read More

CVE Alert: CVE-2024-12741

December 19, 2024

Vulnerability Summary: CVE-2024-12741 A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution....

Read More

CVE Alert: CVE-2024-51470

December 19, 2024

Vulnerability Summary: CVE-2024-51470 IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance...

Read More

CVE Alert: CVE-2024-56053

December 19, 2024

Vulnerability Summary: CVE-2024-56053 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows...

Read More

CVE Alert: CVE-2024-49363

December 19, 2024

Vulnerability Summary: CVE-2024-49363 Misskey is an open source, federated social media platform. In affected versions FileServerService (media proxy) in github.com/misskey-dev/misskey...

Read More

CVE Alert: CVE-2024-52579

December 19, 2024

Vulnerability Summary: CVE-2024-52579 Misskey is an open source, federated social media platform. Some APIs using `HttpRequestService` do not properly check...

Read More

CVE Alert: CVE-2024-12686

December 19, 2024

Vulnerability Summary: CVE-2024-12686 A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow...

Read More

CVE Alert: CVE-2024-56140

December 19, 2024

Vulnerability Summary: CVE-2024-56140 Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware...

Read More

CVE Alert: CVE-2024-53271

December 19, 2024

Vulnerability Summary: CVE-2024-53271 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1...

Read More

CVE Alert: CVE-2024-53269

December 19, 2024

Vulnerability Summary: CVE-2024-53269 Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy...

Read More

CVE Alert: CVE-2024-53270

December 19, 2024

Vulnerability Summary: CVE-2024-53270 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active...

Read More

[CLOP] – Ransomware Victim: IMSPLGROUP[.]COM

December 19, 2024

Ransomware Group: CLOP VICTIM NAME: IMSPLGROUPCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

[CLOP] – Ransomware Victim: EMPRESARIA[.]COM

December 19, 2024

Ransomware Group: CLOP VICTIM NAME: EMPRESARIACOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

[FUNKSEC] – Ransomware Victim: agti[.]eng[.]br

December 19, 2024

Ransomware Group: FUNKSEC VICTIM NAME: agtiengbr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

unlock_membership

Building a Cyber-Aware Culture: The Importance of Security Awareness Training

January 13, 2025

HIBP-Banner-1

SuperDraft – 300,187 breached accounts

January 13, 2025

HIBP-Banner-1

Scholastic – 4,247,768 breached accounts

January 13, 2025

CISA_Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 13, 2025

CISA_Logo

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

January 13, 2025