Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Quanta Servers Caught With 'Pantsdown' BMC Vulnerability

Researchers discover 3-year-old critical firmware vulnerability, running in popular cloud servers used to power hyperscalers and cloud providers alike.

DARKReading
Open in Source
#vulnerability#web#intel
The Mystery of China’s Sudden Warnings About US Hackers

The Chinese government recently began saber-rattling about American cyberespionage. The catch? It’s all old news.

The Mystery of China’s Sudden Warnings About US Hackers

The Chinese government recently began saber-rattling about American cyberespionage. The catch? It’s all old news.

Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

Cybersecurity researchers are calling attention to a free-to-use browser automation framework that's being increasingly used by threat actors as part of their attack campaigns. "The framework contains numerous features which we assess may be utilized in the enablement of malicious activities," researchers from Team Cymru said in a new report published Wednesday. "The technical entry bar for the

How Software Architects Can Manage Technical Debt in a Microservice Architecture

By Owais Sultan Most software architects wear two different hats – they act as software engineers and technical leaders. However, software… This is a post from HackRead.com Read the original post: How Software Architects Can Manage Technical Debt in a Microservice Architecture

Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files

By Waqas GoodWill ransomware attackers share a three-page ransom note asking the victim to perform three tasks to get the… This is a post from HackRead.com Read the original post: Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files

CVE-2022-26082: TALOS-2022-1493 || Cisco Talos Intelligence Group

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-26833: TALOS-2022-1513 || Cisco Talos Intelligence Group

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVE-2022-27169: TALOS-2022-1494 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.

CVE-2022-26026: TALOS-2022-1491 || Cisco Talos Intelligence Group

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability.