Biztonsági szemle

Researchers from cloud security firm Wiz discovered the issue and attempted to contact DeepSeek through multiple channels.

Based on reporting from SecurityScorecard's STRIKE team, the North Korean state-backed threat actor employs a React and Node.js-based system in each C2 server to enable centralized management of stolen data, observation of compromised hosts, and...

The addition of Solvo CSPM to CYE Hyver aims to address need for multicloud vulnerability monitoring and risk assessment.

By partnering with Cisco and harnessing the power of our Mobility Services Platform, CSPs elevate their connectivity to deliver end-to-end enterprise value and use cases that solve real-world business problems.

See the key takeaways for the most recent Cisco Talos Incident Response report and learn how you can use Cisco Security products to help defend against these.

Rogue AI models are exposing sensitive data without regulation, creating an environment for accidentaldata breaches and misuse.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: New Rock Technologies Equipment: Cloud Connected Devices Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: UNEM Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Argument Injection, Heap-based Buffer...

CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25...

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health (HPH) sector. Analysts discovered that an...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk AssetCentre Vulnerabilities: Inadequate Encryption Strength, Insufficiently Protected Credentials 2...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: KEPServer Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this...