Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Siemens SIMATIC CP

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain access to the filesystem. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of SIMATIC CP is affected: SIMATIC CP1543-1: V4.0 (6GK7543-1AX10-0XE0) 3.2 Vulnerability Overview 3.2.1 INCORRECT AUTHORIZATION CWE-863 Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem. CVE-2024-50310 has been assign...

us-cert
#vulnerability#web#perl#auth
New PXA Stealer targets government and education sectors for sensitive information

Cisco Talos discovered a new information stealing campaign operated by a Vietnamese-speaking threat actor targeting government and education entities in Europe and Asia.

More Spyware, Fewer Rules: What Trump’s Return Means for US Cybersecurity

Experts expect Donald Trump’s next administration to relax cybersecurity rules on businesses, abandon concerns around human rights, and take an aggressive stance against the cyber armies of US adversaries.

Hamas Hackers Spy on Mideast Gov'ts, Disrupt Israel

APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending on the target.

GHSA-4277-m35q-7c9w: Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH. Do not make the copy path on the target predictable and ensure we check return codes of the scp command if the copy fails.

Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges

Alan Filion, believed to have operated under the handle “Torswats,” admitted to making more than 375 fake threats against schools, places of worship, and government buildings around the United States.

Toolkit Vastly Expands APT41's Surveillance Powers

The China-affiliated group is using the highly modular DeepData framework to target organizations in South Asia.

Zero-Days Win the Prize for Most Exploited Vulns

Among the top exploited zero-day vulnerabilities were bugs found in systems from Citrix and Cisco.