Biztonsági szemle

Google says the issue has to do with organizations ensuring they implement least-privilege principles.

TsuKing is a new DNS amplification attack. Instead of exploiting individual DNS resolvers independently to achieve an amplification effect, TsuKing deftly coordinates numerous vulnerable DNS resolvers and crafted queries together to form potent DoS...

When fire ignited during Technical Solutions Architect Rick B.'s family vacation, they joined in to help the Hawaii they love, knowing Cisco had their backs.

Hear more about the challenges, trends and opportunities facing today’s healthcare cybersecurity leaders in this podcast episode with Becker's Healthcare.

I’ve never had the intention to join the technology industry, in fact, I had never even heard of Cisco up until a couple of months before I joined the company, and now it’s been 27 years since I first started! In the multiple career development...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful...

CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.9 ATTENTION: Exploitable locally Vendor: Mitsubishi Electric Corporation Equipment: GX Works2 Vulnerability: Denial-of-Service 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a...

CISA is responding to active exploitation of Unitronics programmable logic controllers (PLCs) used in the Water and Wastewater Systems (WWS) Sector. Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified...