CVE-2025-8284

creationtimestamp| type| source ---|---|--- 2025-08-07 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-05 2025-08-08 20:23:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvw3g2lhi62p 2025-08-09 04:31:43+00:00| seen|...

CVE-2019-9256

creationtimestamp| type| source ---|---|--- 2025-07-15 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-196-01...

CVE-2025-23364

creationtimestamp| type| source ---|---|--- 2025-07-10 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-03 2025-07-17 17:31:50+00:00| seen| https://t.me/icscert/1240...

CVE-2025-21767

creationtimestamp| type| source ---|---|--- 2025-06-12 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05...

CVE-2024-8313

creationtimestamp| type| source ---|---|--- 2025-03-25 06:56:55+00:00| seen| https://t.me/cvedetector/21036 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05...

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health HPH sector. Analysts discovered that an embedded backdoor function with a hard-coded IP...

CISA and Partners Release Call to Action to Close the National Software Understanding Gap

Today, CISA—in partnership with the Defense Advanced Research Projects Agency DARPA, the Office of the Under Secretary of Defense for Research and Engineering OUSD R&E, and the National Security Agency NSA—published Closing the Software Understanding Gap. This report urgently implores the U.S...

CISA: Actions to Improve Chemical Facility Safety and Security - a Shared Commitment (Report for the President, May 2014)

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

CISA: Emerging Risks: the Cyber-Physical Drone Threat

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

CVE-2024-50054

creationtimestamp| type| source ---|---|--- 2024-11-21 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07...

My First Book Is 20 Years Old Today

On this day in 2004, Addison-Wesley/Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. This post from 2017 explains the differences between my first four books and why I wrote Tao. Today, I'm always thrilled when I hear that someone found my books...

CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)

Today, CISA released Barriers to Single Sign-On SSO Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized businesses SMBs. The report also identifies potential ways to overcome the...

CVE-2023-37546

creationtimestamp| type| source ---|---|--- 2023-08-03 16:39:59+00:00| seen| https://t.me/cibsecurity/67662 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-...

CISA Ransomware report warns “triple threat” attacks still on the prowl

Though we may be stuck with endless COVID-19 scams and a gradual visible rise in all manner of cryptocurrency hijinks, the old school attacks are as perilous as ever; CISA, the Cybersecurity & Infrastructure Security Agency, have released their 2021 report detailing the increasing globalised thre...

Philips Engage Software

1. EXECUTIVE SUMMARY CVSS v3 2.6 ATTENTION: Exploitable remotely Vendor: Philips Equipment: Engage Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow improper viewing read-only of business contact information. 3. TECHNICAL...

Malwarebytes Hit by SolarWinds Attackers

Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said – except that it wasn’t targeted through the SolarWinds platform. “While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” it...

Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments

CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices. In response, CISA has released...