Ugrás a tartalomra

Biztonsági szemle

2024. Dec. 3.
Biztonsági szemle

Fuji Electric Monitouch V-SFT

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

Open Automation Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Open Automation Software Equipment: Open Automation Software Vulnerability: Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers

Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

Ruijie Reyee OS

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ruijie Equipment: Reyee OS Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure

cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-45727 North Grid Proself Improper Restriction of XML External Entity (XEE) Reference Vulnerability CVE-2024...
cisa.gov
Tovább
2024. Dec. 3.
Biztonsági szemle

Extracting Files Embedded Inside Word Documents, (Tue, Dec 3rd)

I found a sample that is a Word document with an embedded executable. I'll explain how to extract the embedded executable with my tools.
isc.sans.edu
Tovább
2024. Dec. 3.
Biztonsági szemle

ISC Stormcast For Tuesday, December 3rd, 2024 https://isc.sans.edu/podcastdetail/9238, (Tue, Dec 3rd)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Tovább
word_AdobeStock_289977971_Editorial_Use_Only
2024. Dec. 3.
Biztonsági szemle

Corrupted Microsoft Office documents used in phishing campaign

The corrupted files evade security systems but are easily recovered to deliver phishing links.
scmagazine.com
Tovább
A vibrant digital lock glows against a backdrop of intricate circuitry, representing advanced cybersecurity. The scene is filled with colorful lights, creating a sense of energy and innovation.
2024. Dec. 3.
Biztonsági szemle

Leveraging AI securely: Microsoft’s approach to AI data protection

To move beyond the challenges of "Shadow AI," organizations are looking to AI-powered productivity tools and solutions.
scmagazine.com
Tovább
Nyelv
Célcsoport