Security Bulletin
4 Apr 2024
Biztonsági szemle
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29745 Android Pixel Information Disclosure Vulnerability CVE-2024-29748 Android Pixel Privilege Escalation...
4 Apr 2024
Biztonsági szemle
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems (ICS) advisories on April 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-095-01 Hitachi Energy Asset Suite 9 ICSA...
4 Apr 2024
Biztonsági szemle
Hitachi Energy Asset Suite 9
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability...
4 Apr 2024
Biztonsági szemle
Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways
Ivanti has released security updates to address vulnerabilities in all supported versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure gateways. A cyber threat actor could exploit one of these vulnerabilities to take control of an...
4 Apr 2024
Biztonsági szemle
Schweitzer Engineering Laboratories SEL
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL 700 series relays Vulnerability: Inclusion of Undocumented Features 2. RISK EVALUATION...
4 Apr 2024
Biztonsági szemle
Old foes and new tools haunt 2024 election security
Russia won’t change its tactics, but we can expect they will use tools like deepfakes to influence elections.
4 Apr 2024
Biztonsági szemle
ISC Stormcast For Thursday, April 4th, 2024 https://isc.sans.edu/podcastdetail/8924, (Thu, Apr 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
3 Apr 2024
Biztonsági szemle
WordPress LayerSlider plugin bug risks password hash extraction
The critical SQL injection flaw was reported through Wordfence for a record $5,500 bug bounty.
3 Apr 2024
Biztonsági szemle
It’ll be back: Attackers still abusing Terminator tool and variants
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions
3 Apr 2024
Biztonsági szemle
Cisco Duo wins Best in KLAS again for the second year in a row
By providing secure access for every user, every device, and every application, Duo was declared the clear choice.
3 Apr 2024
Biztonsági szemle
Missouri county latest local government ransomware victim, 18th of 2024
Missouri county previously paid ransom after cyberattack in 2019.
3 Apr 2024
Biztonsági szemle
Some things you can learn from SSH traffic, (Wed, Apr 3rd)
This week, the SSH protocol made the news due to the now infamous xz-utils backdoor. One of my favorite detection techniques is network traffic analysis. Protocols like SSH make this, first of all, more difficult. However, as I did show in the...
Pagination
- Previous page ‹‹
- Page 1049
- Next page ››