Security Bulletin

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: eSOMS Vulnerabilities: Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System...

CISA released four Industrial Control Systems (ICS) advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Johnson Controls Inc. Equipment: Quantum HD Unity Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this...

Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance...

Code injection techniques (T1055 from MITRE[1]) is a common technique these days. It&#x27s a nice way for an attacker to hide malicious code into a legit process. A deviation of this technique is called “Process Hollowing”[2] where code of the...

A premier Russian APT used living-off-the-land techniques in a major OT hit, raising tough questions about whether or not we can defend against the attack vector.

We need to develop our own talent, find ways to protect IP, and play the long game on AI against the Chinese and other tech adversaries – we can’t do it with EOs and more regulations.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

If, like Mohit, you enjoy both software development and networking, then Cisco DevNet certifications has plenty to offer by integrating network infrastructure with software applications, automation, and programmability. Here are Mohit's top...

Money Message is an insidious ransomware family known for resisting detection and remediation in various ways. We walk through a recent case.

The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.

Meet "farnetwork," one of the most prolific RaaS operators around, who spilled too many details during an affiliate "job interview."