Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

How Public & Private Sectors Can Better Align Cyber Defense

With investment in cybersecurity capabilities and proactive measures to address emerging challenges, we can work together to navigate the complexities of combating cybercrime.

DARKReading
#vulnerability#microsoft#intel#auth#zero_day
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware

Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.

Microsoft Uncovers ‘BadPilot’ Campaign as Seashell Blizzard Targets US and UK

Russian GRU-linked hackers exploit known software flaws to breach critical networks worldwide, targeting the United States and the…

ABB Cylon FLXeon 9.3.4 Session Persistence Vulnerability

User sessions on ABB Cylon FLXeon controllers remain active for up to seven days, even after a client-side logout. Clicking "Log Out" does not properly revoke the session on the server, allowing attackers with access to stolen session tokens to maintain unauthorized access. This increases the risk of session hijacking and privilege abuse.

ABB Cylon FLXeon 9.3.4 Default Credentials

The ABB Cylon FLXeon BACnet controller uses a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system.

ABB Cylon FLXeon 9.3.4 (app.js) Insecure CORS Configuration

The ABB Cylon FLXeon BACnet controller suffers from insecure CORS configuration. Allowing all origins (app.options('*', cors()); can expose the API to data leaks, resource abuse, and potential XSS attacks.

ABB Cylon FLXeon 9.3.4 (cert.js) System Logs Information Disclosure

An authenticated attacker can access sensitive information via the system logs page of ABB Cylon FLXeon controllers. The logs expose critical data, including the OpenSSL password for stored certificates. This information can be leveraged for further attacks, such as decrypting encrypted communications, impersonation, or gaining deeper system access.

Siemens Opcenter Intelligence

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Opcenter Intelligence Vulnerabilities: Improper Authentication, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data, Insertion of Sensitive Information into Log File, Server-Side Request Forgery (SSRF) 2. RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute remote code or allow a malicious site administrator to change passwords for users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens O...

AI and Security - A New Puzzle to Figure Out

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI benefits users, but it also brings new security challenges, especially Identity-related security