253 matches found
Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls
Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. "The incident involves a threat actor overwhelming a user's email with junk and...
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Co-authored by Rapid7 analysts Tyler McGraw, Thomas Elkins, and Evan McCann Executive Summary Rapid7 has identified an ongoing social engineering campaign that has been targeting multiple managed detection and response MDR customers. The incident involves a threat actor overwhelming a user's emai...
DocGo patient health data stolen in cyberattack
Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...
Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
The Iran-affiliated threat actor tracked as MuddyWater aka Mango Sandstorm or TA450 has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management RMM solution called Atera. The activity, which took place from March 7 through the week o...
Remote Monitoring & Management software used in phishing attacks
Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...
MachineSense FeverWarn Access Control Error Vulnerability
MachineSense FeverWarn is a temperature detection device from MachineSense. An access control error vulnerability exists in MachineSense FeverWarn that stems from the use of unauthenticated MQTT messaging to monitor the device and remotely view sensor data by a user...
The vulnerability of the Honeywell ProWatch software platform for remote monitoring and control of buildings, related to data processing errors, allows a intruder to execute arbitrary code.
The vulnerability of the Honeywell ProWatch software platform for remote monitoring and control is related to data processing errors. Exploiting this vulnerability could allow a intruder to execute arbitrary code...
Fuji Electric Tellus Lite V-Simulator Improper Access Control Vulnerability
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...
Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability (CNVD-2025-1353550)
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. Fuji Electric Tellus Lite V-Simulator suffers from a buffer overflow vulnerability that originates from a boundary error when parsing a specially crafted input file. An...
Fuji Electric Tellus Lite V-Simulator Out-of-Bounds Write Vulnerability
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. An out-of-bounds write vulnerability exists in Fuji Electric Tellus Lite V-Simulator that originates from an out-of-bounds write when parsing a specially crafted input file...
Fuji Electric Tellus Lite V-Simulator 安全漏洞
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...
Fuji Electric Tellus Lite V-Simulator
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : Tellus Lite V-Simulator Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Fuji Electric V-Server 缓冲区错误漏洞
Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of protection for operational data, which allows a intruder to disclose the protected information.
The vulnerability of Advantech WebAccess remote monitoring software lies in the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
Hewlett Packard Enterprise Integrated Lights-Out Security Vulnerability
Hewlett Packard Enterprise Integrated Lights-Out is a remote control solution from Hewlett Packard Enterprise. The solution enables remote monitoring and operation of IT assets such as servers. A security vulnerability exists in Hewlett Packard Enterprise Integrated Lights-Out 5 and Integrated...
The vulnerability of the software-based remote monitoring system Advantech WebAccess allows a intruder to gain access to the file system, re-write files, and execute commands.
The vulnerability of the software-based remote monitoring system Advantech WebAccess relates to the use of an untrusted pointer. Exploiting this vulnerability could allow a malicious actor to gain access to the file system, potentially enabling them to overwrite files and execute commands...
CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
Today, CISA released the Remote Monitoring and Management RMM Cyber Defense Plan, the first proactive Plan developed by industry and government partners through the Joint Cyber Defense Collaborative JCDC. This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat...
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Tre...
Fuji Electric V-Server 缓冲区错误漏洞
Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a suite of software for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...