40 matches found
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents...
A New Maturity Model for Browser Security: Closing the Last-Mile Risk
Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. It's where 85% of modern work now happens. It's also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices crea...
Cyber resilience begins before the crisis
In this blog you will hear directly from Microsoft’s Deputy Chief Information Security Officer CISO for Customer Security, Ann Johnson, about the need for proactive planning in cyber incidents, particularly surrounding communications. This blog is part of a new, ongoing series where our Deputy...
Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims
Coca-Cola and its bottling partner CCEP targeted in separate cyber incidents, with the Everest ransomware gang and the Gehenna hacking group claiming data breaches involving sensitive employee and CRM data...
CISA: Primary Mitigations to Reduce Cyber Threats to Operational Technology
The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Environmental Protection Agency EPA, and Department of Energy DOE are aware of cyber incidents affecting the operational technology OT and industrial control systems ICS of critical infrastructure...
Siemens SIPROTEC 5 Devices
SUMMARY An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...
Siemens SIPROTEC 5
SUMMARY Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released...
Siemens SIPROTEC 5 Products
SUMMARY Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device. Siemens has released new versions for several affected products and...
Siemens CPCI85 Central Processing/Communication
SUMMARY The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware. Siemens has released new firmware and hardware versions for the affected products and recommends to update to the latest...
2024 Cybersecurity Trends: What’s Observable Already?
2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...
How CISOs’ Roles – and Security Operations – Will Change in 2024
It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks, to the SEC’s new reporting rules, and added to technological innovation and sprawl, CISOs have never been under more pressur...
Siemens Spectrum Power 7
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SICAM P850 and P855 Devices Improper Neutralization of Parameter/Argument Delimiters (CVE-2022-41665)
A vulnerability has been identified in SICAM P850 All versions V3.10, SICAM P855 All versions V3.10. Affected devices do not properly validate the parameter of a specific GET request. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the...
Siemens SICAM P850 and P855 Devices Session Fixation (CVE-2022-40226)
A vulnerability has been identified in SICAM P850 All versions V3.10, SICAM P855 All versions V3.10. Affected devices accept user defined session cookies and do not renew the session cookie after login/logout. This could allow an attacker to take over another user's session after login. This plug...
Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks
Why is Visibility into OT Environments Crucial? The significance of Operational Technology OT for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage...
ICS/OT Cybersecurity 2022 TXOne Annual Report Insights
This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents...
SEC cyber risk management rule—a security and compliance opportunity
In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations from cyber threats with tools like Microsoft 365 Defender, Microsoft Purview and Microsoft Sentinel. In my role as a board member for another publicly traded...
A week in security (February 13 - 19)
Last week on Malwarebytes Labs: What is AI good at and what the heck is it, actually, with Josh Saxe: Lock and Code S04E04 Malwarebytes recognized as endpoint security leader by G2 CISA issues alert with South Korean government about DPRK's ransomware antics Jailbreaking ChatGPT and other large...
FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food
The Federal Bureau of Investigation FBI, the Food and Drug Administration Office of Criminal Investigations FDA OCI, and the U.S. Department of Agriculture USDA have released a joint Cybersecurity Advisory CSA detailing recently observed incidents of criminal actors using business email compromis...
Been Doing It The Same Way For Years? Think Again.
As IT professionals, we all reach a certain point in our IT career where we realize that some of our everyday tasks are done the same way year after year without anyone questioning why it's done that way. Despite the constant change and improvement in technology, some things just get done the sam...