Ugrás a tartalomra

Biztonsági szemle

2024. szep. 17.
Biztonsági szemle

CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities

Today, CISA and FBI released a Secure by Design Alert, Eliminating Cross-Site Scripting Vulnerabilities, as a part of our ongoing effort to reduce the prevalence of vulnerability classes at scale. Vulnerabilities like cross-site scripting (XSS)...
cisa.gov
Tovább
2024. szep. 17.
Biztonsági szemle

Yokogawa Dual-redundant Platform for Computer (PC2CKM)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: Dual-redundant Platform for Computer (PC2CKM) Vulnerability: Unchecked Return Value 2. RISK EVALUATION Successful...
cisa.gov
Tovább
2024. szep. 17.
Biztonsági szemle

Millbeck Communications Proroute H685t-w

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Millbeck Communications Equipment: Proroute H685t-w Vulnerabilities: Command Injection, Cross-site Scripting 2. RISK EVALUATION Successful...
cisa.gov
Tovább
2024. szep. 17.
Biztonsági szemle

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2014-0497 Adobe Flash Player Integer Underflow Vulnerability CVE-2013-0643 Adobe Flash Player Incorrect Default...
cisa.gov
Tovább
2024. szep. 17.
Biztonsági szemle

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on September 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-261-01 Siemens SIMATIC S7-200...
cisa.gov
Tovább
2024. szep. 17.
Biztonsági szemle

Siemens SIMATIC S7-200 SMART Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Tovább
Open source software
2024. szep. 17.
Biztonsági szemle

Seven ways to secure open-source software

Securing open-source software will take collaboration, innovation and a commitment to best practices.
scmagazine.com
Tovább
2024. szep. 17.
Biztonsági szemle

Ukraine, Gaza Wars Inspire DDoS Surge Against Finservs

Hacktivists love to target financial services companies, and their attacks are growing both larger and longer.
darkreading.com
Tovább
2024. szep. 17.
Biztonsági szemle

'CloudImposer' Flaw in Google Cloud Affected Millions of Servers

Attackers could have exploited a dependency confusion vulnerability affecting various Google Cloud services to execute a sprawling supply chain attack via just one malicious Python code package.
darkreading.com
Tovább
2024. szep. 17.
Biztonsági szemle

23:59, Time to Exfiltrate!, (Tue, Sep 17th)

Last week, I posted a diary about suspicious Python modules. One of them was Firebase [ 1], the cloud service provided by Google[ 2]. Firebase services abused by attackers is not new, usually, it&#x27s used to host malicious files that will be...
isc.sans.edu
Tovább
2024. szep. 17.
Biztonsági szemle

ISC Stormcast For Tuesday, September 17th, 2024 https://isc.sans.edu/podcastdetail/9140, (Tue, Sep 17th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Tovább
Featured image for {“vendor”:”ppworks”,”type”:”segment”,”id”:”12987″} podcast from PPWorks
2024. szep. 17.
Biztonsági szemle

Solving the Cybersecurity Data Problem - Padraic O'Reilly - BSW #364

scmagazine.com
Tovább
Nyelv
Célcsoport