Biztonsági szemle

Sault Tribe — which is the biggest federally-recognized Native American tribe in Michigan — not only had to cancel all scheduled primary care, radiology, and dental appointments but also stop gaming operations across all its Kewadin Casinos, as well...

Despite confirming that its China-based subsidiary Unimicron Technology (Shenzhen) Corp., had been disrupted by a ransomware intrusion on Jan. 30, Unimicron did not disclose being subjected to a data breach as it noted an ongoing investigation into...

Attacks involved the delivery of malicious emails warning travelers of potential denied entry due to incomplete immigration requirements that include a link redirecting to a fake government portal-spoofing website facilitating login credential and...

After being exploited in Chinese cyberattacks since October 2023, the ThinkPHP Framework local file inclusion flaw, tracked as CVE-2022-47945, has been targeted by 572 unique IP addresses, according to an analysis from GreyNoise.

Initial compromise has been followed with either malicious JavaScript code injections for credential theft, LocalOlive web shell delivery for further payload retrieval, or remote access software distribution for additional compromise.

After establishing trust with targets through the spoofing of a South Korean government official, Kimsuky — also known as APT43, ARCHIPELAGO, Black Banshee, Velvet Chollima, and Thallium — proceeded to distribute spear-phishing emails with a PDF...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-57727 SimpleHelp Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for...

CISA released twenty Industrial Control Systems (ICS) advisories on February 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-044-01 Siemens SIMATIC S7-1200...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Manager Vulnerabilities: OS Command Injection, Missing Authentication for Critical Function, Cleartext Storage of...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...