Biztonsági szemle

Today, we face a formidable challenge: what was once a tool intended for seamless interaction has now become fertile ground for cyber threats and malicious actors.

Microsoft today released patches for 71 vulnerabilities. 16 of these vulnerabilities are considered critical. One vulnerability (CVE-2024-49138) has already been exploited, and details were made public before today's patch release.

Because the streaming service website offers no content restrictions, attackers are able to hijack and manipulate live streams.

The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.

Discover Cisco's New Hire Learning Plan from the Cisco Black Belt Academy, empowering new talent with essential skills and knowledge for success through modular, interactive training and expert support. Join us in shaping future leaders.

The software supply chain is a growing target, and organizations need to take special care to safeguard it.

What links a Spanish pilgrimage path, Cisco, and nearly $55K? Join Solutions Engineer Leader Keith R. on his Camino de Santiago journey to find out.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: EcoStruxure Foxboro DCS Core Control Services Vulnerabilities: Out-of-bounds Write, Improper Validation of Array Index, Improper Input...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: FoxRTU Station Vulnerability: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 2. RISK EVALUATION...

Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: MOBATIME Equipment: Network Master Clock - DTS 4801 Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this...

CISA released seven Industrial Control Systems (ICS) advisories on December 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-345-01 MOBATIME Network Master...