Skip to main content

Security Bulletin

6 Feb 2025
Biztonsági szemle

Trimble Cityworks

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: Trimble Equipment: Cityworks Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

Schneider Electric EcoStruxure Power Monitoring Expert (PME)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Power Monitoring Expert (PME) Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability CVE-2022-23748 Dante Discovery Process Control Vulnerability CVE...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

ABB Drive Composer

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Drive Composer Vulnerability: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 2. RISK EVALUATION...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

MicroDicom DICOM Viewer

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.7 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

Schneider Electric EcoStruxure

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability allows for...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

Orthanc Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Orthanc Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this...
cisa.gov
Read more
6 Feb 2025
Biztonsági szemle

The Unbreakable Multi-Layer Anti-Debugging System, (Thu, Feb 6th)

The title of this diary is based on the string I found in a malicious Python script that implements many anti-debugging techniques. If some were common, others were interesting and demonstrated how low-level high-level languages like Python can...
isc.sans.edu
Read more
6 Feb 2025
Biztonsági szemle

Basket of Bank Trojans Defraud Citizens of East India

Cheap banking scams are often easier to pull off in a country with older devices, fewer regulations, and experienced fraudsters.
darkreading.com
Read more
6 Feb 2025
Biztonsági szemle

ISC Stormcast For Thursday, February 6th, 2025 https://isc.sans.edu/podcastdetail/9312, (Thu, Feb 6th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
ransomware_AdobeStock_214627197
5 Feb 2025
Biztonsági szemle

Ransomware payments drop 35% in 2024, first decrease since 2022

The first half of 2024 recorded an increase in ransomware payouts.
scmagazine.com
Read more
Featured image for {“vendor”:”ppworks”,”type”:”segment”,”id”:”13521″} podcast from PPWorks
5 Feb 2025
Biztonsági szemle

C-Suite Cybersecurity Responsibilities, Humble Leaders, and Effective Communication - BSW #381

scmagazine.com
Read more
Language
Audience