Lucene search
+L

36 matches found

ics
ics
added 2023/07/11 7:15 a.m.8 views

Schneider Electric devices using CODESYS Runtime

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.9AI score
Exploits0References11
ptsecurity
ptsecurity
added 2023/06/13 12:0 a.m.2 views

PT-2023-3213 · Microsoft · Streaming Service +2

Name of the Vulnerable Software and Affected Versions: Microsoft Streaming Service versions prior to the fixed version Description: The issue allows attackers to gain System privileges on a vulnerable machine. It is an elevation-of-privilege vulnerability that affects the system. The vulnerabilit...

8.4CVSS9.3AI score0.22133EPSS
Exploits2References65
malwarebytes
malwarebytes
added 2023/05/29 1:0 a.m.12 views

A week in security (May 22-28)

Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11...

7.1AI score
Exploits0
thn
thn
added 2021/08/31 5:33 a.m.31 views

CISA Adds Single-Factor Authentication to the List of Bad Practices

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added single-factor authentication to the short list of "exceptionally risky" cybersecurity practices that could expose critical infrastructure as well as government and the private sector entities to devastating cyberattack...

0.4AI score
Exploits0
threatpost
threatpost
added 2021/06/16 6:1 p.m.70 views

Exclusive Ransomware Poll: 80% of Victims Don’t Pay Up

Ransomware is on the rise, but what toll does it take on the real world? Threatpost set out to answer that question in an exclusive poll aimed at taking the pulse of organizations wrestling with attacks, including looking at mitigations and the defenses organizations have in place. When viewed...

7.5AI score
Exploits0References7
threatpost
threatpost
added 2020/12/18 4:0 p.m.35 views

Insider Threats: What Are They, Really?

What an insider threat really is The idea of an “insider threat” sounds like some sort of double agent hiding away in a cubicle—someone hired to steal company secrets and take you down. That sounds pretty exciting, but it’s not very accurate. When we talk about insider threats, in reality, we’re...

6.7AI score
Exploits0References4
ics
ics
added 2020/12/10 12:0 a.m.29 views

Mitsubishi Electric MELSEC iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerability: Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause...

7.4CVSS7.6AI score0.00985EPSS
Exploits0References4
ics
ics
added 2020/11/03 12:0 a.m.46 views

WAGO Series 750-88x and 750-352 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: 750-88x and 750-352 Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-308-01 WAGO...

7.5CVSS7.9AI score0.01864EPSS
Exploits0References5
cisa
cisa
added 2020/10/07 12:0 a.m.14 views

CISA Releases FY2019 Risk Vulnerability Assessment Infographic

The Cybersecurity and Information Security Agency CISA has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments RVAs conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK Framework. The infographic identifies...

6.7AI score
Exploits0References4
ics
ics
added 2020/05/21 12:0 a.m.155 views

Schneider Electric EcoStruxure Operator Terminal Expert

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Schneider Electric Equipment: EcoStruxure Operator Terminal Expert Vulnerabilities: SQL Injection, Path Traversal, Argument Injection 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS8.2AI score0.02289EPSS
Exploits0References5
malwarebytes
malwarebytes
added 2019/04/30 3:0 p.m.40 views

Sophisticated threats plague ailing healthcare industry

The healthcare industry is no longer circling the drain, but it's still in critical condition. While many organizations in healthcare have aimed at or made positive strides toward a more robust cybersecurity and privacy posture, they still have a long way to go. In 2018, healthcare had the highes...

7AI score
Exploits0
malwarebytes
malwarebytes
added 2019/03/05 1:0 p.m.88 views

Labs survey finds privacy concerns, distrust of social media rampant with all age groups

Before Cambridge Analytica made Facebook an unwilling accomplice to a scandal by appropriating and misusing more than 50 million users’ data, the public was already living in relative unease over the privacy of their information online. The Cambridge Analytica incident, along with other, seemingl...

7.1AI score
Exploits0
threatpost
threatpost
added 2018/12/24 12:0 p.m.13 views

2018: A Banner Year for Breaches

Where to start? In 2018 the mantra became “another day, another data breach.” As a result, consumers and researchers alike are feeling “breach fatigue” and getting a bit numb to the headline. But the reality is, cybercriminals are going after personal information, credit card info and passwords...

6.7AI score
Exploits0References22
malwarebytes
malwarebytes
added 2018/10/31 5:27 p.m.107 views

Tomorrowland festival goers affected by data breach

Tomorrowland, a major international music festival, has revealed a data breach potentially affecting around 60,000 attendees. This one is a little different though, as the data accessed without permission isn't recent. In fact, it dates back four years to an event long since come and gone...

0.1AI score
Exploits0
threatpost
threatpost
added 2018/05/01 8:55 p.m.11 views

Samples of SiliVaccine Offer Rare Peek Inside North Korea’s Antivirus Software

Two aged samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor. The two SiliVaccine samples obtained by researchers at Check Point security offer unique insight into a secretive country and how it likely...

0.2AI score
Exploits0References4
threatpost
threatpost
added 2013/06/13 1:46 p.m.19 views

FDA Issues Security Guidelines For Medical Device Manufacturers

Hoping to strengthen the security of medical devices, the Food and Drug Administration today issued a new series of guidelines for manufacturers. The document was released to encourage companies to mitigate viruses and malware on devices such as defibrillators, insulin pumps and pacemakers before...

0.7AI score
Exploits0References5
Rows per page
Query Builder