Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Internet Archive suffers data breach and DDoS

The Internet Archive has been hit hard by a data breach and several DDoS attacks all around the same time.

Malwarebytes
#web#mac#ddos#js#git#auth
Siemens SIMATIC S7-1500 and S7-1200 CPUs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC S7-1500 and S7-1200 CPUs Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following SIMATIC S7-1500 and S7-1200 CPUs are affected: SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0): versions prior to V3.1.4 SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0): versions prior to V3.1.4 SIMATIC ET 200SP ...

Siemens SENTRON PAC3200 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SENTRON 7KM PAC3200 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access clear text communication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens SENTRON PAC3200 devices are affected: SENTRON 7KM PAC3200: All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface coul...

Rockwell Automation ControlLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted CIP message and cause a denial-of-service condition on the affected device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: ControlLogix 5580: Versions prior to V33.017, V34.014, V35.013, V36.011 ControlLogix 5580 Process: Versions prior to V33.017, V34.014, V35.013, V36.011 GuardLogix 5580: Versions prior to V33.017, V34.014, V35.013, V36.011 CompactLogix 5380: Versions prior to V33.017, V34.014, V35.013, V36.011 Compact GuardLogix 5380 SIL 2: Versions prior to V33.017, V34.014, V35.013, V36.011 Compact GuardLogix 5380 SIL 3: Versions prior to V33.017, V34.014, V35.013, V36.011 CompactLogix 5480: Versions prior to V33.017, V34.014, ...

Ghidra data type archive for Windows driver functions

Cisco Talos is releasing a GDT file on GitHub that contains various definitions for functions and data types.

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms

Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, many

Internet Archive Breach Exposes 31 Million Users

The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital—and legal—attacks.

Hackers Hide Remcos RAT in GitHub Repository Comments

The tack highlights bad actors' interest in trusted development and collaboration platforms — and their users.

GHSA-7qmx-3fpx-r45m: Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

### Impact Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular sequence of concurrent events, lead to violations of WebAssembly's control-flow integrity (CFI) and type safety. Users that do not use `wasmtime::Engine` across multiple threads are not affected. Users that only create new modules across threads over time are additionally not affected. Reproducing this bug requires creating and dropping multiple type instances (such as `wasmtime::FuncType` or `wasmtime::ArrayType`) concurrently on multiple threads, where all types are associated with the same `wasmtime::Engine`. **Wasm guests cannot trigger this bug.** See the "References" section below for a list of Wasmtime types-related APIs that are affected. Wasmtime maintains an internal registry o...

GHSA-q8hx-mm92-4wvg: wasmtime has a runtime crash when combining tail calls with trapping imports

### Impact Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtime crash is a deterministic process abort when Wasmtime is compiled with Rust 1.81 and later. [WebAssembly tail calls](https://github.com/webassembly/tail-call) are a proposal which relatively recently reached stage 4 in the [standardization process](https://github.com/WebAssembly/proposals/). Wasmtime first enabled support for tail calls by default [in Wasmtime 21.0.0](https://github.com/bytecodealliance/wasmtime/pull/8540), although that release contained a bug where it was only on-by-default for some configurations. In [Wasmtime 22.0.0](https://github.com/bytecodealliance/wasmtime/pull/8682) tail calls were enabled by default for all configurations. The specific crash happens when an exported function in a WebAssembly module (or ...