Tag: advisory

Siemens Warns of a Critical Vulnerability in UMC

Dec 20, 2024 10:43 PM

Tags: advisory, control, flaw, vulnerability

Heap Overflow Flaw Threatens Industrial Control Systems Globally. Siemens issued a security advisory for a vulnerability affecting industrial control systems in its User Management Component that could enable attackers to execute arbitrary code. The heap-based buffer overflow flaw impacts products used in manufacturing and the energy sector. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/siemens-warns-critical-vulnerability-in-umc-a-27121
Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution

Dec 20, 2024 12:42 PM

Tags: advisory, cyber, flaw, mitigation, remote-code-execution, vulnerability

A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code. The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Security Advisory SSA-928984 and urges customers to implement recommended fixes or mitigations to minimize the risks. Details of the Vulnerability The…
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Dec 19, 2024 3:42 PM

Tags: advisory, botnet, malicious, network, password, router

Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware.The company said it’s issuing the advisory after “several customers” reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024.”These systems have been infected…
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

Dec 19, 2024 1:42 PM

Tags: access, advisory, cve, cvss, exploit, flaw, fortinet, vulnerability

Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information.The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0.”A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive…
Iranian Hackers Launched A Massive Attack to Exploit Global ICS Infrastructure

Dec 19, 2024 10:42 AM

Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, hacker, infrastructure, iran, malicious, tactics, threat

In a joint cybersecurity advisory, the FBI, CISA, NSA, and partner agencies from Canada, the United Kingdom, and Israel have issued an urgent warning about ongoing malicious cyber activities by advanced persistent threat (APT) actors affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). The advisory provides critical new details on tactics, techniques, and procedures (TTPs)…
Fortinet Critical Vulnerabilitiy Let Attackers Inject Commands Remotely

Dec 19, 2024 9:42 AM

Tags: access, advisory, cyber, cybersecurity, fortinet, injection, unauthorized, vulnerability

Fortinet, a global leader in cybersecurity solutions, has issued an urgent security advisory addressing two critical vulnerabilities affecting its FortiManager and FortiWLM products. The vulnerabilities, which can allow unauthorized code execution and sensitive file read access, demand immediate attention to mitigate risks. OS Command Injection in FortiManager (CVE-2023-34990) A critical Improper Neutralization of Special Elements in…
CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach

Dec 18, 2024 10:42 PM

Tags: advisory, android, apple, breach, cisa, government, mobile

A 5-page advisory provided troves of guidance for both Apple and Android users, urging all “highly targeted individuals” to rely on the “consistent use of end-to-end encryption.”]]> First seen on therecord.media Jump to article: therecord.media/cisa-urges-senior-officials-to-lock-down-devices-salt-typhoon
Citrix Alerts on Global Password Spraying Campaigns Targeting NetScaler Appliances

Dec 15, 2024 11:05 AM

Tags: advisory, attack, authentication, citrix, endpoint, exploit, password

Citrix has issued an advisory highlighting an increase in password spraying attacks aimed at NetScaler appliances worldwide. These attacks exploit authentication endpoints, causing significant operational disruptions for targeted organizations. Unlike... First seen on securityonline.info Jump to article: securityonline.info/citrix-alerts-on-global-password-spraying-campaigns-targeting-netscaler-appliances/
How to turn around a toxic cybersecurity culture

Dec 13, 2024 11:05 AM

Tags: access, advisory, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, governance, group, guide, healthcare, jobs, password, phishing, risk, sans, service, strategy, technology, threat, training, vulnerability, zero-trust

A toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk.In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They don’t…
Dell Security Update, Patch for Multiple Critical Vulnerabilities

Dec 13, 2024 10:07 AM

Tags: advisory, cve, cyber, exploit, malicious, update, vulnerability

Dell Technologies has released a security advisory addressing multiple critical vulnerabilities that could expose affected systems to exploitation by malicious actors. Customers are strongly encouraged to review the findings and update their systems accordingly. This update includes remediation for two critical CVEs affecting several Dell products. Failure to address these vulnerabilities could result in system…
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack

Dec 12, 2024 5:05 AM

Tags: access, advisory, attack, best-practice, cloud, cve, data, encryption, exploit, finance, firmware, flaw, germany, Hardware, mitigation, monitoring, reverse-engineering, software, update, vulnerability

AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) environments, can be tricked into giving access to its encrypted memory contents using a test rig costing less than $10, researchers have revealed.Dubbed “BadRAM” by researchers from the University of Lübeck in Germany, KU Leven in Belgium, and…
UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base

Dec 11, 2024 5:36 AM

Tags: advisory, apt, attack, computer, defense, phishing, social-engineering, ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a security advisory (CERT-UA#12414) detailing a sophisticated phishing campaign targeting organizations within Ukraine’s defense industrial base. The attacks, attributed to... First seen on securityonline.info Jump to article: securityonline.info/uac-0185-apt-leverages-social-engineering-to-target-ukrainian-defense-industrial-base/
Attackers exploit zero-day RCE flaw in Cleo managed file transfer

Dec 11, 2024 1:37 AM

Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-day

Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
Dell Warns of Critical Code Execution Vulnerability in Power Manager

Dec 10, 2024 12:08 PM

Tags: advisory, cyber, malicious, update, vulnerability

Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager software. The vulnerability, identified as CVE-2024-49600, could allow malicious attackers to execute arbitrary code and gain elevated privileges on the affected systems. Users are urged to update immediately to mitigate potential risks. The vulnerability has been…
Ultralytics YOLO AI model compromised in supply chain attack

Dec 9, 2024 1:07 PM

Tags: advisory, ai, attack, supply-chain

While Ultralytics has not released an official security advisory, the company pulled two recent versions of its YOLO11 AI model after reports emerged that they contained a cryptominer. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366616877/Ultralytics-YOLO-AI-model-compromised-in-supply-chain-attack
Supply chain compromise of Ultralytics AI library results in trojanized versions

Dec 7, 2024 1:48 AM

Tags: access, advisory, ai, backdoor, container, crypto, exploit, github, injection, malicious, malware, pypi, radius, service, software, supply-chain, threat, vulnerability

Attackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine learning models. The malicious code deployed cryptocurrency mining malware on systems that installed the package, but the attackers could have delivered any type of malware.According to researchers from…
Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Dec 6, 2024 6:49 PM

Tags: access, advisory, ai, attack, authentication, best-practice, breach, business, china, cisa, cloud, communications, compliance, computing, control, credentials, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, espionage, exploit, finance, firewall, fraud, government, group, guide, hacker, hacking, identity, infrastructure, insurance, international, Internet, interpol, iot, korea, law, least-privilege, linux, lockbit, login, malware, mfa, mitigation, mobile, network, open-source, password, phishing, privacy, ransomware, RedTeam, resilience, risk, router, scam, service, software, strategy, supply-chain, technology, theft, threat, tool, unauthorized, usa, vpn, vulnerability, windows

Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows the weight of security considerations in generative AI projects. And get the latest on ransomware trends, financial cybercrime and critical infrastructure security. Dive into six things that…
Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena

Dec 6, 2024 10:48 AM

Tags: advisory, automation, cyber, exploit, remote-code-execution, software, vulnerability, zero-day

Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary code. With the release of updated software versions, Rockwell Automation has taken corrective action and…
Mitel MiCollab VoIP authentication bypass opens new attack paths

Dec 5, 2024 10:48 PM

Tags: access, advisory, apache, apt, attack, authentication, cve, exploit, flaw, injection, linux, phone, software, sql, unauthorized, update, voip, vulnerability

Security researchers have discovered a new issue in the Mitel MiCollab enterprise VoIP platform that allows attackers to access administrative features without authentication.The discovery was made by researchers from security firm watchTowr back in May while trying to replicate a different vulnerability that Mitel patched at the time (CVE-2024-35286). The new issue is a path…
Channel Brief: Wipro, Netskope Team Up on Cybersecurity Advisory Services

Dec 5, 2024 9:50 PM

Tags: advisory, cybersecurity, service

First seen on scworld.com Jump to article: www.scworld.com/news/channel-brief-wipro-netskope-team-up-on-cybersecurity-advisory-services
US may plan legislation to contain Chinese cyber espionage

Dec 5, 2024 1:48 PM

Tags: advisory, ai, at&t, breach, ceo, china, cisa, cloud, cyber, cybersecurity, data, defense, espionage, finance, government, hacker, hacking, intelligence, mobile, network, phone, risk, technology, theft, threat, vulnerability

US senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks.The FBI, CISA, and other key agencies, who were part of the briefing, revealed that the sophisticated operation compromised at least eight US telecom firms, stealing metadata and call intercepts, including…
Critical Veeam Vulnerabilities Expose Service Provider Console to Cyber Risks

Dec 5, 2024 1:48 PM

Tags: advisory, cyber, risk, service, veeam, vulnerability

Veeam has published a critical advisory regarding severe vulnerabilities affecting its Veeam Service Provider Console (VSPC), particularly impacting version 8.1.0.21377 and earlier builds from version 7. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-veeam-vulnerabilities/
Veeam issues patch for critical RCE bug

Dec 4, 2024 3:48 PM

Tags: advisory, backup, cisco, cve, cvss, data, exploit, flaw, germany, Internet, leak, microsoft, mitigation, ntlm, ransomware, rce, remote-code-execution, service, threat, unauthorized, update, veeam, vulnerability, windows

Veeam is warning its customers of two vulnerabilities, of which one is a critical RCE bug, affecting the Service Provider Console (VSPC), a web-based management platform for managed service providers (MSPs).On Tuesday, the data protection and backup solutions provider that powers IT systems availability for leading brands like Cisco, Lenovo, and NASA, issued an advisory…
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Dec 4, 2024 11:50 AM

Tags: advisory, china, cyber, cybersecurity, espionage, infrastructure, network

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory to warn of People’s Republic of China (PRC)-linked cyber espionage targeting telecom networks. >>The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal…
Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

Dec 4, 2024 8:48 AM

Tags: advisory, china, cyber, espionage, exploit, network, threat

A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers.”Identified exploitations or compromises associated with these threat actors’ activity align with existing weaknesses associated with victim infrastructure; no novel First seen on thehackernews.com…
CISA Releases Advisory to Monitor Networks to Detect Malicious Cyber Actors

Dec 4, 2024 7:48 AM

Tags: advisory, china, cisa, cyber, cybersecurity, exploit, infrastructure, malicious, network, threat

The National Security Agency (NSA) has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and other entities to release a critical advisory. This initiative comes in response to the exploitation of major global telecommunications providers by a threat actor affiliated with the People’s Republic of China (PRC). The…
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Dec 3, 2024 3:48 PM

Tags: advisory, attack, cisco, cve, exploit, flaw, login, vulnerability

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability

Dec 3, 2024 12:50 PM

Tags: advisory, attack, cisco, cve, exploit, vulnerability

Cisco has updated an advisory for CVE-2014-2120 to warn customers that the vulnerability has been exploited in the wild. The post Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability/
INCONTROLLER / PIPEDREAM ICS Toolkit Targeting Energy Sector

Dec 1, 2024 2:19 AM

Tags: advisory, detection, threat

This advisory was written by Travis Holland and Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary Incontroller/Pipedrea… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/25/incontroller-pipedream-ics-toolkit-targeting-energy-sector/
Critical VMware vCenter Server Patch VMSA20240019

Dec 1, 2024 1:19 AM

Tags: advisory, update, vcenter, vmware, vulnerability

Summary VMware has released a critical security advisory (VMSA-2024-0019) that addresses two serious vulnerabilities found in its vCenter Server and V… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/09/18/critical-vmware-vcenter-server-patch-vmsa20240019/