Security Bulletin

Cybercrime is big business, and techniques of bad actors are growing increasingly sophisticated. That leaves security teams thirsting for near realtime intelligence about the threat landscape.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DTN Soft Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerabilities: Improper Privilege Management, Incorrect Permission Assignment for...

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include...

CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-242-01 Rockwell Automation...

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware...

Sure, everyone focuses on CVEs, but not every company has the ability to have full visibility into legacy IT.

Hybrid mesh firewall platforms enable security policy enforcement between workloads and users across any network, especially in on prem-first organizations.

In my previous diary[ 1], I explained why Python became popular for attackers. One of the given reason was that, from Python scripts, it&#x27s possible to call any Windows API and, therefore, perform low-level activities on the system. In another...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.