Latest News

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.6 ATTENTION: Low attack complexity Vendor: Emerson Equipment: PACSystem, Fanuc Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity Insufficiently Protected Credentials, Download of Code Without Integrity Check CISA is aware of a public report, known as "OT:ICEFALL", detailing vulnerabilities found in multiple operational technology (OT) vendors. CISA is issuing this advisory to provide notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution, loss of sensitive information, or a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Emerson products are affected: PAC Machine Edition: All versions (CVE-2022-30263, CVE-2022-30265) PACSystem RXi: All versions (CVE-2022-30263, CVE-202...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Ovation Vulnerabilities: Missing Authentication for Critical Function, Insufficient Verification of Data Authenticity CISA is aware of a public report, known as "OT:ICEFALL", detailing vulnerabilities found in multiple operational technology (OT) vendors. CISA is issuing this advisory to provide notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution, loss of sensitive information, denial-of-service, or allow an attacker to modify the controller configuration. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Emerson products are affected: Ovation: Version 3.8.0 Feature Pack 1 and prior 3.2 Vulnerability Overview 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affec...

A worried researcher has created a tool to demonstrate exactly how much of a security backdoor Microsoft is creating with Recall.

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising

ZeroMark wants to build a system that will let soldiers easily shoot a drone out of the sky with the weapons they’re already carrying—and venture capital firm a16z is betting the startup can pull it off.

Tom works for a reputable financial institution. He has a long, complex password that would be near-impossible to guess. He’s memorized it by heart, so he started using it for his social media accounts and on his personal devices too. Unbeknownst to Tom, one of these sites has had its password database compromised by hackers and put it up for sale on the dark web. Now threat actors are working

Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and government industries," Check Point security researcher Jiri Vinopal said in an analysis. The volume of

Google has announced plans to store Maps Timeline data locally on users' devices instead of their Google account effective December 1, 2024. The changes were originally announced by the tech giant in December 2023, alongside changes to the auto-delete control when enabling Location History by setting it to three months by default, down from the previous limit of 18 months. Google Maps Timeline,

Eliot Higgins and his 28,000 forensic foot soldiers at Bellingcat have kept a miraculous nose for truth—and a sharp sense of its limits—in Gaza, Ukraine, and everywhere else atrocities hide online.

Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that's designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library named crytic-compile. The rogue package was downloaded 441 times before it was taken down by PyPI