Latest News

The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticated shell command execution vulnerability through the deployStart.php script. This allows any user to trigger the execution of 'rundeploy.sh' script, which initializes the Java deployment server that sets various configurations, potentially causing unauthorized server initialization and performance issues.

Palo Alto, Calif., USA, 30th December 2024, CyberNewsWire

Cyber insurance should augment your cybersecurity strategy — not replace it.

The ABB Cylon controller suffers from an authenticated path traversal vulnerability. This can be exploited through the 'devName' POST parameter in the ethernetUpdate.php script to write partially controlled content, such as IP address values, into arbitrary file paths, potentially leading to configuration tampering and system compromise including denial of service scenario through ethernet configuration backup file overwrite.

The ABB Cylon controller suffers from an authenticated path traversal vulnerability. This can be exploited through the 'devName' POST parameter in the ethernetUpdate.php script to write partially controlled content, such as IP address values, into arbitrary file paths, potentially leading to configuration tampering and system compromise including denial of service scenario through ethernet configuration backup file overwrite.

Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.

SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…

The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to bolster the

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week's update, we'll cover the most important developments in

From Elon Musk and Donald Trump to state-sponsored hackers and crypto scammers, this was the year the online agents of chaos gained ground.