Ugrás a tartalomra

Biztonsági szemle

2024. Szep. 19.
Biztonsági szemle

IDEC PLCs

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low Attack Complexity Vendor: IDEC Corporation Equipment: IDEC PLCs Vulnerabilities: Cleartext Transmission of Sensitive Information, Generation of Predictable Identifiers 2. RISK EVALUATION...
cisa.gov
Tovább
2024. Szep. 19.
Biztonsági szemle

Kastle Systems Access Control System

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Kastle Systems Equipment: Access Control System Vulnerabilities: Use of Hard-coded Credentials, Cleartext Storage of Sensitive Information 2...
cisa.gov
Tovább
2024. Szep. 19.
Biztonsági szemle

VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server

VMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and...
cisa.gov
Tovább
2024. Szep. 19.
Biztonsági szemle

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are...
cisa.gov
Tovább
2024. Szep. 19.
Biztonsági szemle

Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance

Ivanti has released a security update to address an admin bypass vulnerability ( CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6. A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190...
cisa.gov
Tovább
2024. Szep. 19.
Biztonsági szemle

Coalition for Secure AI Promotes Safe, Ethical AI Development

The Coalition for Secure AI (CoSAI) has expanded its roster of members with the addition of threat intelligence management, collaboration, and response orchestration vendor Cyware.
darkreading.com
Tovább
2024. Szep. 19.
Biztonsági szemle

Security Firm's North Korean Hacker Hire Not an Isolated Incident

What happened to KnowBe4 also has happened to many other organizations, and it's still a risk for companies of all sizes due to a sophisticated network of government-sponsored fake employees.
darkreading.com
Tovább
2024. Szep. 19.
Biztonsági szemle

ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Tovább
2024. Szep. 19.
Biztonsági szemle

Phishing Espionage Attack Targets US-Taiwan Defense Conference

Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared.
darkreading.com
Tovább
2024. Szep. 19.
Biztonsági szemle

Time-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th)

Since posting a diary about Vega-Lite [ 1], I have "played" with other queries that might be interesting and the first one that I wanted to explore since the DShield SIEM [ 2] capture and parse the iptables logs and store the Time-to-Live (TTL) for...
isc.sans.edu
Tovább
The North Portico of the White House in Washington, D.C.
2024. Szep. 19.
Biztonsági szemle

Russian troll farms turn up heat on presidential candidates

As the U.S. presidential elections near, foreign hackers are launching new campaigns against the candidates and their staffers.
scmagazine.com
Tovább
cookies_AdobeStock_48942246
2024. Szep. 19.
Biztonsági szemle

Preventing ransomware by fully remediating infostealer attacks

Session hijacking is an emerging entry point for ransomware actors but few orgs invalidate open sessions after a malware infection.
scmagazine.com
Tovább
Nyelv
Célcsoport