76 matches found
CVE-2021-27416
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
Securing critical infrastructure: Why Europe’s risk-based regulations matter
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
EUVD-2021-14624
Malware in sbrugna...
EUVD-2021-22165
Malware in sbrugna...
EUVD-2021-13629
Malware in sbrugna...
EUVD-2021-14168
Malware in sbrugna...
EUVD-2021-22163
Malware in sbrugna...
EUVD-2021-13961
Malware in sbrugna...
CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
From Power Grids to Airports: TETRA Radio Hacking Risks Global Infrastructure
By Waqas These vulnerabilities have been dubbed TETRA:BURST by researchers. This is a post from HackRead.com Read the original post: From Power Grids to Airports: TETRA Radio Hacking Risks Global Infrastructure...
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the VirusTotal public malware scanning utility in...
Retired Software Exploited To Target Power Grids, Microsoft
By Habiba Rashid Boa was discontinued in 2005 but remained popular and is now becoming a crisis because of the complex nature of how it was built into the IoT device supply chain. This is a post from HackRead.com Read the original post: Retired Software Exploited To Target Power Grids, Microsoft...
Feds Uncover a ‘Swiss Army Knife’ for Hacking Industrial Systems
The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries...
CVE-2021-27416
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
Session fixation
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
Authentication flaw
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
CVE-2021-27414 User interface misrepresentation of critical information in Hitachi ABB Power Grids Ellipse EAM
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
CVE-2021-27414
CVE-2021-27414 affects Hitachi ABB Power Grids Ellipse EAM (versions up to and including 9.0.25). Described as a user-interface misrepresentation vulnerability enabling a login-page spoof to harvest credentials. CVSS v3 base score 5.5 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L) per CISA/ICS context; ve...
CVE-2021-27416 Cross-site scripting in Hitachi ABB Power Grids Ellipse EAM
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...