Skip to main content

Security Bulletin

10 Sep 2024
Biztonsági szemle

BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity/public exploits are available Vendor: BPL Medical Technologies Equipment: PWS-01-BT, Be Well Android App Vulnerability: Cleartext Transmission of Sensitive Information 2...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

iniNet Solutions SpiderControl SCADA Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: iniNet Solutions GmbH Equipment: SpiderControl SCADA Web Server Vulnerabilities: Unrestricted Upload of File with Dangerous Type 2. RISK...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisory on September 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-254-01 Viessmann Climate Solutions...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

Ivanti Releases Security Updates for Endpoint Manager, Cloud Service Application, and Workspace Control

Ivanti released security updates to address multiple vulnerabilities in Ivanti Endpoint Manager, Cloud Service Application 4.6, and Workspace Control. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38226 Microsoft Publisher Security Feature Bypass Vulnerability CVE-2024-43491 Microsoft Windows Update Remote...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

Microsoft Releases September 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...
cisa.gov
Read more
10 Sep 2024
Biztonsági szemle

Cisco Releases Security Updates for Cisco Smart Licensing Utility

Cisco released security updates to address two vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in Cisco Smart Licensing Utility. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA...
cisa.gov
Read more
Identity
10 Sep 2024
Biztonsági szemle

National Public Data breach underscores the need for stronger digital identities

Here are five ways to strengthen digital identities.
scmagazine.com
Read more
10 Sep 2024
Biztonsági szemle

Gallup Addresses XSS Bugs in Website

Researchers flagged a pair of Gallup site XSS vulnerabilities.
darkreading.com
Read more
10 Sep 2024
Biztonsági szemle

Gallup Addresses XSS Bugs in Website

Researchers flagged a pair of Gallup site XSS vulnerabilities.
darkreading.com
Read more
10 Sep 2024
Biztonsági szemle

Chinese Tag Team APTs Keep Stealing Asian Gov't Secrets

A PRC threat cluster known as "Crimson Palace" is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack chain.
darkreading.com
Read more
10 Sep 2024
Biztonsági szemle

ISC Stormcast For Tuesday, September 10th, 2024 https://isc.sans.edu/podcastdetail/9132, (Tue, Sep 10th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
Language
Audience