Lucene search
K

40 matches found

The Hacker News
The Hacker News
added 2025/08/05 5:18 a.m.7 views

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/01 11:0 a.m.9 views

A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. It's where 85% of modern work now happens. It's also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices crea...

7.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/06/12 4:0 p.m.9 views

Cyber resilience begins before the crisis

In this blog you will hear directly from Microsoft’s Deputy Chief Information Security Officer CISO for Customer Security, Ann Johnson, about the need for proactive planning in cyber incidents, particularly surrounding communications. This blog is part of a new, ongoing series where our Deputy...

6.7AI score
Exploits0
HackRead
HackRead
added 2025/05/22 10:9 p.m.44 views

Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims

Coca-Cola and its bottling partner CCEP targeted in separate cyber incidents, with the Everest ransomware gang and the Gehenna hacking group claiming data breaches involving sensitive employee and CRM data...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/07 12:0 a.m.4 views

CISA: Primary Mitigations to Reduce Cyber Threats to Operational Technology

The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Environmental Protection Agency EPA, and Department of Energy DOE are aware of cyber incidents affecting the operational technology OT and industrial control systems ICS of critical infrastructure...

7AI score
Exploits0
ICS
ICS
added 2025/02/11 12:0 a.m.5 views

Siemens SIPROTEC 5 Devices

SUMMARY An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...

8.7CVSS7AI score0.00563EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released...

7CVSS7.9AI score0.00308EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.8 views

Siemens SIPROTEC 5 Products

SUMMARY Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device. Siemens has released new versions for several affected products and...

7.1CVSS6.7AI score0.00593EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens CPCI85 Central Processing/Communication 

SUMMARY The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware. Siemens has released new firmware and hardware versions for the affected products and recommends to update to the latest...

5.1CVSS7.1AI score0.00292EPSS
Exploits1References10
Qualys Blog
Qualys Blog
added 2024/05/29 3:41 p.m.22 views

2024 Cybersecurity Trends: What’s Observable Already?

2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/01/18 2:0 p.m.11 views

How CISOs’ Roles – and Security Operations – Will Change in 2024

It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks, to the SEC’s new reporting rules, and added to technological innovation and sprawl, CISOs have never been under more pressur...

7.5AI score
Exploits0
ICS
ICS
added 2023/09/14 12:0 a.m.39 views

Siemens Spectrum Power 7

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS8.1AI score0.0015EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/05/09 12:0 a.m.32 views

Siemens SICAM P850 and P855 Devices Improper Neutralization of Parameter/Argument Delimiters (CVE-2022-41665)

A vulnerability has been identified in SICAM P850 All versions V3.10, SICAM P855 All versions V3.10. Affected devices do not properly validate the parameter of a specific GET request. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the...

9.8CVSS8.2AI score0.01022EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/09 12:0 a.m.20 views

Siemens SICAM P850 and P855 Devices Session Fixation (CVE-2022-40226)

A vulnerability has been identified in SICAM P850 All versions V3.10, SICAM P855 All versions V3.10. Affected devices accept user defined session cookies and do not renew the session cookie after login/logout. This could allow an attacker to take over another user's session after login. This plug...

8.1CVSS7.5AI score0.00638EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/04/20 11:56 a.m.2 views

Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks

Why is Visibility into OT Environments Crucial? The significance of Operational Technology OT for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage...

6.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/03/29 12:0 a.m.11 views

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights

This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/01 5:0 p.m.21 views

SEC cyber risk management rule—a security and compliance opportunity

In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations from cyber threats with tools like Microsoft 365 Defender, Microsoft Purview and Microsoft Sentinel. In my role as a board member for another publicly traded...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/20 1:0 a.m.25 views

A week in security (February 13 - 19)

Last week on Malwarebytes Labs: What is AI good at and what the heck is it, actually, with Josh Saxe: Lock and Code S04E04 Malwarebytes recognized as endpoint security leader by G2 CISA issues alert with South Korean government about DPRK's ransomware antics Jailbreaking ChatGPT and other large...

7.3AI score
Exploits0
CISA
CISA
added 2022/12/16 12:0 a.m.21 views

FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food

The Federal Bureau of Investigation FBI, the Food and Drug Administration Office of Criminal Investigations FDA OCI, and the U.S. Department of Agriculture USDA have released a joint Cybersecurity Advisory CSA detailing recently observed incidents of criminal actors using business email compromis...

Exploits0References1
The Hacker News
The Hacker News
added 2022/11/21 1:0 p.m.16 views

Been Doing It The Same Way For Years? Think Again.

As IT professionals, we all reach a certain point in our IT career where we realize that some of our everyday tasks are done the same way year after year without anyone questioning why it's done that way. Despite the constant change and improvement in technology, some things just get done the sam...

Exploits0
Rows per page
Query Builder