CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on May 02, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-123-01 CyberPower PowerPanel ICSA-24...
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities
Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating Directory Traversal Vulnerabilities in Software. This Alert was crafted in response to recent well-publicized threat actor campaigns that...
'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?
A recent campaign targeting Middle Eastern government organizations plays standard detection tools like a fiddle. With cyberattackers getting more creative, defenders must start keeping pace.
The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for days, and Change's backup strategy failed.