226 matches found
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6083)
An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
Schneider Electric Web Server on Modicon M340 Out-of-Bounds Write (CVE-2020-7563)
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules see notification for details which could cause corruption of data, a crash, or code execution when uploading a specially crafted...
Schneider Electric Modicon Controllers Use of Insufficiently Random Values (CVE-2019-6821)
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. This plugin only works...
Schneider Electric Web Server on Modicon M340 Out-of-Bounds Read (CVE-2020-7562)
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules see notification for details which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file ...
Rootkit found in HPE iLO environments
Security researchers at AmnPardaz have published an investigation published about a rootkit found in HPE iLO systems. The malware, called "iLOBleed," was used, among other things, to to wipe a system's hard drives. Because the iLO subsystem has exceptionally high privileges, compromising it means...
Critical Wormable Security Flaw Found in Several HP Printer Models
Cybersecurity researchers on Tuesday disclosed eight-year-old security flaws affecting 150 different multifunction printers MFPs from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to...
Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware
An advanced persistent threat APT has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center BIO-ISAC this...
U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities...
Top 10 Cybersecurity Best Practices to Combat Ransomware
If you’re like most IT professionals, the threat of a ransomware attack might keep you up at night. And you have a valid reason to worry — ransomware doesn’t discriminate. Organizations across every industry, public or private, are potential victims, if they haven’t been victims already. In fact,...
Invest in These 3 Key Security Technologies to Fight Ransomware
A recent survey by Fortinet revealed that two-thirds of organizations had been the target of at least one ransomware attack – and 85 percent are more concerned about a ransomware attack than any other form of cyberattack. And, the evolving threat landscape is cited as one of the top challenges in...
Protect yourself from BlackMatter ransomware: Advice issued
Despite promises made by the BlackMatter ransomware gang about which organizations and business types they would avoid, multiple US critical infrastructure entities have been targeted. Now, the Federal Bureau of Investigation FBI, in conjunction with the Cybersecurity and Infrastructure Security...
Feds Warn BlackMatter Ransomware Gang is Poised to Strike
Federal authorities are warning businesses to shore up cybersecurity defenses as it carefully monitors the reemergence of the DarkSide ransomware gang, believed responsible for the crippling Colonial Pipeline attack in May 2021. The ransomware-as-a-service gang has regrouped under the moniker...
BlackMatter Ransomware
Summary Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Usestrong, unique passwords. • Usemulti-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses t...
CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems
The U.S. Cybersecurity Infrastructure and Security Agency CISA on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities WWS, highlighting five incidents that occurred between March 2019 and August 2021. "This activity—which includes attempts to...
CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA alerting organizations of increased Conti ransomware attacks. Malicious cyber actors use Conti ransomware to steal sensitive files from domestic and international...
BadAlloc Flaw Affects BlackBerry QNX Used in Millions of Cars and Medical Devices
A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System RTOS could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. The shortcoming CVE-2021-22156, CVSS score: 9.0 is part of a...
Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise IOCs,...
DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of...
Schneider Electric Modicon X80
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon X80 Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability may result in...
How Network Segmentation Simplifies PCI DSS Compliance
Read more about how proper network segmentation can simplify PCI DSS compliance by effectively reducing the number of assets in scope...