Biztonsági szemle

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability CVE-2024-44309 Apple Multiple Products Cross-Site...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity Vendor: CODESYS GmbH Equipment: OSCAT Basic Library Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability allows an local...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Modicon M340, MC80, and Momentum Unity M1E Vulnerabilities: Improper Enforcement of Message Integrity During Transmission in a...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: OS Command Injection, Improper Authentication, Missing Authentication for Critical Function, Path...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

There is an increase in SVG attachments used in phishing emails ( Scalable Vector Graphics, an XML-based vector image format).

The five vulnerabilities could lead to local privilege escalation without user interaction.

Women are increasingly taking on top roles within Russian-speaking threat actor groups.

China’s campaign against U.S. telecoms has been ongoing for years.

Get ready to shop and save with Cisco U. Learning Deals, our biggest sales event to date, November 25 – December 3, 2024.

Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say artificial intelligence and machine learning are winning that game.

Zero Networks' Benny Lakunishok discusses the unpredictable challenges of founding a startup.