12 matches found
Adobe ColdFusion vulnerability used in attacks on government servers
The Cybersecurity and Infrastructure Security Agency (CISA) put out a Cybersecurity Advisory (CSA) to alert government agencies about cybercriminals using a vulnerability in Adobe ColdFusion to gain initial access to servers. Adobe ColdFusion is a platform for building and deploying web and mobile...
Automated Tank Gauge (ATG) Remote Configuration Disclosure Exploit
In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges (ATGs) which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators wh...
QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices
Taiwanese company QNAP has warned customers to secure network-attached storage (NAS) appliances and routers against a new ransomware variant called DeadBolt. "DeadBolt has been widely targeting all NAS exposed to the Internet without any protection and encrypting users' data for Bitcoin ransom," th...
eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices
Operators of the nearly-year-old eCh0raix ransomware strain that’s been used to target QNAP and Synology network-attached storage (NAS) devices in past, separate campaigns have gotten more efficient. According to researchers, both have put out a new variant that can target either vendor’s devices ...
CVE-2020-28483
This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header...
Don't Let DDoS Extortionists Deliver a KO Punch
Since mid-August, a variety of threat actors and copycats alike have been targeting organizations across all industries globally, threatening impending DDoS attacks unless Bitcoin is paid out. It's apparent, as the campaign rages on, that some businesses must be paying the extortion demands, --...
CVE-2019-17526
An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an __import__('os').popen('whoami').read...
FreeBSD : FreeBSD -- Incorrect error handling in PAM policy parser (6e8f9003-6007-11e6-a6c3-14dae9d210b8)
The OpenPAM library searches for policy definitions in several locations. While doing so, the absence of a policy file is a soft failure handled by searching in the next location while the presence of an invalid file is a hard failure handled by returning an error to the caller. The policy parser...
Patching Bash Vulnerability a Challenge for ICS, SCADA
While the most urgent focus where the Bash vulnerability is concerned is around Internet-facing web servers, embedded systems and industrial control systems are not exempt from worry. Experts are concerned about Linux-based industrial control systems and SCADA equipment, in particular, that may b...
Researcher Hacks Google Office Management System
Industrial control minded researchers from the security firm Cylance launched a custom exploit against a building management system deployed at Google’s Sydney, Australia office, gaining access to a configuration file containing device administration passwords that could be used to gain complete...
Homeland Security Warns SCADA Operators Of Internet-Facing Systems
In the wake of the hack of water and sewer infrastructure operated by a Texas community, the Department of Homeland Security is again warning owners and operators of critical infrastructure to take note of SCADA and industrial control systems that may be accessible from the Internet. DHS’s...
Was The Three Character Password Used To Hack South Houston's Water Treatment Plant A Siemens Default?
Siemens said on Tuesday that it is working with the U.S. Department of Homeland Security to investigate a cyber intrusion into a water treatment plant in South Houston, Texas, but couldn’t confirm that a default, three digit password hard coded into an application used to control the company’s...