226 matches found

The Hacker News
added 2022/12/16 12:46 p.m. · 41 views

Cyber Security Is Not a Losing Game – If You Start Right Now

Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack. As usual, everyone cried "foul play" and suggested that proper...

7.5 AI score
Exploits 0
Positive Technologies
added 2022/12/16 12:0 a.m. · 5 views

PT-2022-6079 · Rockwell Automation · Compactlogix +3

Name of the Vulnerable Software and Affected Versions: Rockwell Automation controllers affected versions not specified Rockwell Automation CompactLogix, ControlLogix, GuardLogix affected versions not specified Description: A vulnerability exists in the Rockwell Automation controllers that allows ...

10 CVSS · 7.4 AI score · 0.0143 EPSS
Exploits 0 · References 7
The Hacker News
added 2022/10/28 10:43 a.m. · 79 views

Implementing Defense in Depth to Prevent and Mitigate Cyber Attacks

The increased use of information technology in our everyday life and business has led to cyber-attacks becoming more sophisticated and large-scale. For organizations to thrive in this era of technology, they must develop robust security strategies to detect and mitigate attacks. Defense in depth ...

6.7 AI score
Exploits 0
ICS
added 2022/10/05 12:0 p.m. · 300 views

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Summary Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication MFA on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on...

9.8 CVSS · 10 AI score · 0.99999 EPSS
Exploits 66 · References 107
Positive Technologies
added 2022/09/27 12:0 a.m. · 4 views

PT-2022-6636 · Cisco · Cisco Wireless Lan Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Aironet Access Points affected versions not specified Cisco Wireless LAN Controller WLC affected versions not specified Description: The issue is related to insufficient access control in the software of Cisco Aironet Access Points and...

4.7 CVSS · 4.8 AI score · 0.00242 EPSS
Exploits 0 · References 4
OSV
added 2022/09/13 12:0 a.m. · 15 views

ALSA-2022:6439 Moderate: booth security update

The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...

6.5 CVSS · 6.3 AI score · 0.00906 EPSS
Exploits 0 · References 4
ICS
added 2022/06/21 12:0 a.m. · 61 views

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10 CVSS · 9.9 AI score · 0.01455 EPSS
Exploits 1 · References 4
The Hacker News
added 2022/06/02 12:1 p.m. · 18 views

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns. Called Ransomware for IoT or R4IoT by Forescout, it's a "novel, proof-of-concept ransomware that exploits an IoT...

0.5 AI score
Exploits 0
The Hacker News
added 2022/05/30 5:50 a.m. · 19 views

FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks

Network credentials and virtual private network VPN access for colleges and universities based in the U.S. are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, cou...

2 AI score
Exploits 0
Talos
added 2022/05/25 12:0 a.m. · 35 views

Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability

Summary A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can...

7.5 CVSS · 7.8 AI score · 0.01093 EPSS
Exploits 1
ThreatPost
added 2022/05/12 11:57 a.m. · 22 views

You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius

Lately, I’ve started wondering if the biggest risk concerning cyberattacks is that we’re becoming desensitized to them. After all, businesses experience a ransomware attack every 11 seconds—the majority of which the public never hears about. Faced with this reality, it may seem like your efforts ...

7.1 AI score
Exploits 0 · References 2
Rapid7 Blog
added 2022/05/09 5:57 p.m. · 363 views

Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388

On May 4, 2022, F5 released an advisory listing several vulnerabilities, including CVE-2022-1388, a critical authentication bypass that leads to remote code execution in iControl REST with a CVSSv3 base score of 9.8. The vulnerability affects several different versions of BIG-IP prior to 17.0.0,...

10 CVSS · 0.8 AI score · 0.99999 EPSS
Exploits 308
The Hacker News
added 2022/05/03 2:14 p.m. · 66 views

Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches

Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be abused to gain remote access to enterprise networks and steal valuable information. The findings follow the March...

0.9 AI score · 0.21364 EPSS
Exploits 0
Tenable Nessus
added 2022/04/28 12:0 a.m. · 30 views

Schneider Electric Cleartext Transmission of Sensitive Information in embedded Rockwell Automation ISaGRAF5 Runtime (CVE-2020-25178)

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote...

9.3 CVSS · 8 AI score · 0.01631 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2022/04/28 12:0 a.m. · 21 views

Rockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path Element (CVE-2020-25182)

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft...

6.7 CVSS · 6.7 AI score · 0.00422 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2022/04/28 12:0 a.m. · 24 views

Rockwell Automation ISaGRAF5 Runtime Cleartext Transmission of Sensitive Information (CVE-2020-25178)

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote...

9.3 CVSS · 7.4 AI score · 0.01631 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2022/04/28 12:0 a.m. · 23 views

Schneider Electric Uncontrolled Search Path Element in embedded Rockwell Automation ISaGRAF5 Runtime (CVE-2020-25182)

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft...

6.7 CVSS · 6.6 AI score · 0.00422 EPSS
Exploits 0 · References 5
ThreatPost
added 2022/04/22 10:56 a.m. · 121 views

Skeletons in the Closet: Security 101 Takes a Backseat to 0-days

Rarely a month goes by without the infosec industry being plagued by a new zero-day apocalypse. Most recently in December 2021, the world was swept by a series of vulnerabilities in Log4J – a popular logging system used by thousands of systems around the world. While writing this article, the...

9.8 CVSS · 8.2 AI score · 0.70947 EPSS
Exploits 3 · References 13
Pen Test Partners Blog
added 2022/03/31 5:30 a.m. · 24 views

The reality of OT segregation

One of the areas I find most fascinating about industrial control systems and related operational technology is the perception that OT networks are segregated and isolated from the wider IT network. We’re often told that “IT and OT are totally separated” as there’s a genuine belief that OT is...

0.1 AI score
Exploits 0
ICS
added 2022/03/24 12:0 p.m. · 24 views

Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Summary Actions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This...

9.5 AI score
Exploits 0 · References 183