Ugrás a tartalomra

Biztonsági szemle

2024. január 16.
Biztonsági szemle

Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887), (Tue, Jan 16th)

Last week, Volexity published a blog describing two vulnerabilities in Ivanti's Connect "Secure" VPN [1]. These vulnerabilities have been exploited in limited, targeted attacks. At this point, Ivanti released a configuration workaround but...
isc.sans.edu
Tovább
2024. január 16.
Biztonsági szemle

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

SEW-EURODRIVE MOVITOOLS MotionStudio

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: SEW-EURODRIVE Equipment: MOVITOOLS MotionStudio Vulnerability: Improper Restriction of XML EXTERNAL Entity Reference 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

Known Indicators of Compromise Associated with Androxgh0st Malware

SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

Integration Objects OPC UA Server Toolkit

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Integration Objects Equipment: OPC UA Server Toolkit Vulnerability: Improper Output Neutralization for Logs 2. RISK EVALUATION Successful...
cisa.gov
Tovább
2024. január 16.
Biztonsági szemle

How does technology impact well-being? Cisco and OECD will launch a global study to find out.

Cisco announces a partnership with the OECD to study well-being in the digital age. Our joint initiative will examine the complex nature of digital transformation, its role as both a catalyst for progress and a source of potential risk to well-being.
blogs.cisco.com
Tovább
AI and Risk
2024. január 16.
Biztonsági szemle

A CISOs perspective on how to understand and address AI risk

Here are seven ways to dial down AI risk in the enterprise.
scmagazine.com
Tovább
2024. január 16.
Biztonsági szemle

Over 5K organizations impacted by ransomware last year

Ransomware attacks were reported by Rapid7 to have impacted nearly 5,200 organizations around the world in 2023.
scmagazine.com
Tovább
2024. január 16.
Biztonsági szemle

Mounting impact of attacks exploiting Ivanti zero-days expected

Nearly 20 organizations using vulnerable Ivanti Connect Secure VPN appliances were reported by Ivanti.
scmagazine.com
Tovább
2024. január 16.
Biztonsági szemle

ISC Stormcast For Tuesday, January 16th, 2024 https://isc.sans.edu/podcastdetail/8810, (Tue, Jan 16th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Tovább
Nyelv
Célcsoport