Latest News

A malvertising campaign using an old school trick was found pushing to different ad blockers.

Group-IB has uncovered Lazarus group’s stealthy new trojan and technique of hiding malicious code in extended attributes on…

Less-experienced users of Microsoft's website building platform may not understand all the implications of the access controls in its low- or no-code environment.

A scammer was caught after they defrauded some 400 people for almost $20 million in real estate.

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in other projects.

Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in a recent

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Updater Vulnerabilities: Insecure Storage of Sensitive Information, Improper Input Validation, Improperly Implemented Security Check for Standard 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FactoryTalk are affected: FactoryTalk Updater - Web Client: Version 4.00.00 FactoryTalk Updater - Client: All versions FactoryTalk Updater - Agent: All versions 3.2 Vulnerability Overview 3.2.1 INSECURE STORAGE OF SENSITIVE INFORMATION CWE-922 An authentication bypass vulnerability exists due to shared secrets across accounts, which could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during auth...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Verve Asset Manager Vulnerability: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Verve Asset Manager are affected: Verve Asset Manager: Versions 1.39 and prior 3.2 Vulnerability Overview 3.2.1 DEPENDENCY ON VULNERABLE THIRD-PARTY COMPONENT CWE-1395 Verve Asset Manager utilizes Kibana, which contains a remote code execution vulnerability that allows an attacker with access to ML and alerting connecting features as well as write access to internal ML to trigger a prototype pollution vulnerability, which can ultimately lead to arbitrary code execution. The code execution is limited to the container. CVE-2024-37287 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.2...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Runtime Vulnerability: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote attackers to circumvent default account lockout measures. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mendix Runtime are affected: Mendix Runtime: V8 Mendix Runtime: V9 Mendix Runtime: V10 Mendix Runtime: V10.6 Mendix Runtime: V10.12 3.2 Vulnerability Overview 3.2.1 CONCURRENT EXECUTION USING SHARED RESOURCE WITH...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain access to the filesystem. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of SIMATIC CP is affected: SIMATIC CP1543-1: V4.0 (6GK7543-1AX10-0XE0) 3.2 Vulnerability Overview 3.2.1 INCORRECT AUTHORIZATION CWE-863 Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem. CVE-2024-50310 has been assign...