Biztonsági szemle

One of our honeypots received unusually many requests for an OpenID connect configuration file. This honeypot is configured a bit differently as it is more experimental to test new software, so the logs do not show up on our main site. Overall, there...

With Time2Give, a Cisco benefit of 80 volunteer hours in addition to regular paid time off, Business Operations Manager Cristina L. fulfilled her dream to travel to Africa and work with sea turtles.

More and more hackers are choosing to host their malicious campaigns from public services, and they're pioneering new ways of doing it.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: UC 500 Vulnerabilities: Cleartext Transmission of Sensitive Information, Open Redirect, Exposure of Sensitive Information to an...

CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-353-01 Subnet Solutions Inc...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance (ODA) Equipment: Drawing SDK Vulnerabilities: Use after Free, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: BCU 500 Vulnerabilities: Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: EuroTel Equipment: ETL3100 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts...

Israeli intelligence said a cyber unit of Hezbollah also was involved in the cyberattack.

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories...

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), #StopRansomware: ALPHV Blackcat, to disseminate known ALPHV Blackcat affiliates’ tactics, techniques, and procedures (TTPs) and indicators of...