Biztonsági szemle

The ACE3 controller, which is an integral component to the management of charging and data transfer tasks in Apple devices, was compromised using reverse-engineering techniques to exploit weaknesses in its firmware and communication protocols.

A new attack method dubbed transaction simulation spoofing has emerged as a significant threat to cryptocurrency users with its ability to let malicious actors exploit a key security feature in modern Web3 wallets.

Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best — and better than nothing for most organizations and insurers.

All demographic information belonging to students and teachers dating back to a school district with almost 9,000 pupils' initial installation of PowerSchool have also been accessed as a result of the hack, according to a source close to the matter...

Investigation into the incident is still underway, said a University of Oklahoma spokesperson, who also noted the implementation of additional network security measures.

A “human first” cybersecurity approach can deliver the resiliency organizations will need to survive in the AI era.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: FOX61x, FOXCST, FOXMAN-UN Vulnerability: Improper Validation of Certificate with Host Mismatch 2. RISK EVALUATION Successful exploitation of...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Data Center Expert Vulnerabilities: Improper Verification of Cryptographic Signature, Missing Authentication for...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability These types of vulnerabilities are frequent attack...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...