Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

FBI says malware operation is building a botnet out of smart cameras and video boxes.

Cyberattacks against OT/ICS engineering workstations are widely underestimated, according to researchers who discovered malware designed to shut down Siemens workstation engineering processes.

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.

Unlock the full potential of AI solutions on Cisco infrastructure. Access Tracks 1-2 of the new AI Solutions on Cisco Infrastructure Essentials Learning Path, available now as in Cisco U. Free.

Proceeds from the latest round will be used to accelerate the company’s growth into key markets such as the United States and Europe, alongside other high-growth regions.

The flaw circumvents AMD’s Secure Encrypted Virtualization, which encrypts virtual machine memory to safeguard cloud customer data, by tampering with the Serial Presence Detect chip on memory modules using hardware that can cost under $10.

According to the report, such accounts, which often use default passwords and lack proper monitoring -- exposing cloud-native environments to significant risks -- now constitute over 90% of Active Directory identities.

The product, which is now in beta for Rubrik Enterprise Edition and cloud customers, aims to address challenges associated with prolonged business outages during cyberattacks, reducing the traditional recovery timeline from days or weeks to moments.

DeviceTRUST offers solutions that focus on real-time contextual access for virtual desktop infrastructure and desktop as a service, allowing enterprises to secure digital workspaces by continuously monitoring device posture, user location, and other...

Employing tactics such as living-off-the-land techniques and targeting both Linux and Windows systems, the group is suspected to include former affiliates of LockBit and BlackCat.