Biztonsági szemle

Recent laws signal compliance with data security standards is no longer a way to placate the boardroom.

The company's Wireshark tool is an open-source network protocol analyzer that has gained over 160 million downloads and 5 million daily users due to its real-time network traffic analysis capabilities.

Opengrep, which is forked from Semgrep, will keep the older tool's open source nature and provide users complete access to its scanning capabilities, according to the consortium, which emphasized the establishment of dedicated Opengrep development...

Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare.

Compliance standards are mandating better data security. There are several ways to do this, but most organizations would admit that erasure is not one of them.

Have you been hearing a lot about Life Cycle Assessments (LCAs)? Learn how they help businesses understand the environmental footprint of their products, processes, or services.

Stephan M., Director of Global Virtual Sales and Engineering, turned a poolside chat into an impactful career at Cisco. He reflects on 20 years of CSAP EMEA, learnings, and more.

Cisco is the Official Security Cloud Provider for the Black Hat Network Operations Center (NOC). We work with the other official partners to bring the hardware, software and engineers to build and secure the network, for our joint customer: Black Hat...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: Automation Runtime Vulnerability: Use of a Broken or Risky Cryptographic Algorithm 2. RISK EVALUATION Successful exploitation of...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: Electric RemoteConnect and SCADAPack x70 Utilities Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerabilities: Incorrect Authorization, Improper Neutralization of Special Elements used in an OS Command ('OS Command...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Power Logic Vulnerabilities: Authorization Bypass Through User-Controlled Key, Improper Restriction of Operations...