Biztonsági szemle

At a career crossroads, Niloo took a leap, joining Cisco as a Wireless System Engineer, finding fulfillment through innovation, inclusivity, and mentorship.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerFlex 527 Vulnerabilities: Improper Input Validation, Uncontrolled Resource Consumption 2. RISK EVALUATION...

CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-086-01 Automation-Direct C-MORE EA9...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability These types of vulnerabilities are frequent attack...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: low attack complexity Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Out-of-bounds Write, Heap-based Buffer Overflow, Improper Restriction of Operations within...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: C-MORE EA9 HMI Vulnerabilities: Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password 2. RISK...

All of the vulnerabilities should be remediated by federal agencies by Apr. 15, according to CISA.

More details regarding state and local governments' vulnerability assessment measures have been sought by Deputy National Security Advisor for Cyber and Emerging Technologies.

More details regarding the reported breach of the Department of Health and Human Services' Health Resources and Services Administration grant payments platform from March to November 2023 have been demanded.

Such impacted systems contained certain CWU member information but further investigation into a possible data breach is still needed.

The City of St. Cloud in Florida have confirmed that the city's services have been disrupted by a ransomware attack.