Skip to main content

Security Bulletin

3 Dec 2024
Biztonsági szemle

CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers

Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

ICONICS and Mitsubishi Electric GENESIS64 Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64 Product Suite and Mitsubishi Electric MC Works64 Vulnerabilities: Uncontrolled Search Path Element, Dead...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

Open Automation Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Open Automation Software Equipment: Open Automation Software Vulnerability: Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-338-01 Ruijie Reyee OS ICSA-24-338...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

Ruijie Reyee OS

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ruijie Equipment: Reyee OS Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

Fuji Electric Monitouch V-SFT

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device...
cisa.gov
Read more
3 Dec 2024
Biztonsági szemle

ISC Stormcast For Tuesday, December 3rd, 2024 https://isc.sans.edu/podcastdetail/9238, (Tue, Dec 3rd)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
word_AdobeStock_289977971_Editorial_Use_Only
3 Dec 2024
Biztonsági szemle

Corrupted Microsoft Office documents used in phishing campaign

The corrupted files evade security systems but are easily recovered to deliver phishing links.
scmagazine.com
Read more
A vibrant digital lock glows against a backdrop of intricate circuitry, representing advanced cybersecurity. The scene is filled with colorful lights, creating a sense of energy and innovation.
3 Dec 2024
Biztonsági szemle

Leveraging AI securely: Microsoft’s approach to AI data protection

To move beyond the challenges of "Shadow AI," organizations are looking to AI-powered productivity tools and solutions.
scmagazine.com
Read more
Featured image for {“vendor”:”ppworks”,”type”:”segment”,”id”:”13352″} podcast from PPWorks
2 Dec 2024
Biztonsági szemle

Security Money: Of Course Okta Should Be In The Index - BSW #374

scmagazine.com
Read more
Language
Audience