View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.9 ATTENTION: Exploitable locally Vendor: Mitsubishi Electric Corporation Equipment: GX Works2 Vulnerability: Denial-of-Service 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a Denial-of-service (DoS) due to improper input validation in the…
Tag: EN
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite Device Master ICSA-23-331-02 Franklin Electric Fueling Systems Colibri ICSA-23-331-03 Mitsubishi…
Franklin Electric Fueling Systems Colibri
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain…
BD FACSChorus
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use of Hard-coded Credentials, Insecure…
Delta Electronics InfraSuite Device Master
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous Method or Function. 2. RISK EVALUATION Successful exploitation of these vulnerabilities…
Advanced Persistent Threats: OffSec’s Comprehensive Guide
Explore key strategies to safeguard against Advanced Persistent Threats (APTs), focusing on prevention, response, and recovery in cybersecurity. The post Advanced Persistent Threats: OffSec’s Comprehensive Guide appeared first on OffSec. This article has been indexed from OffSec Read the original…
SMBs Witness Surge in ‘Malware Free’ Attacks
According to the first-ever SMB Threat Report from Huntress, a company that offers security platforms and services to SMBs and managed service providers (MSPs), the most common threats that small and medium businesses (SMBs) faced in Q3 2023 were “malware…
ColdFusion’s Close Call: A Peek into the Anatomy of a Failed Ransomware Strike
Several threat actors have recently used outdated Adobe software to exploit systems and deploy ransomware payloads, highlighting the ever-evolving tactics that they use to attack networks and deploy the ransomware payloads. It has been discovered that the attack took…
Lacework AI Assist enhances SOC efficiency
Lacework has released a generative artificial intelligence (AI) assistant that gives enterprise customers a new way to engage with the Lacework platform by providing customized context to investigate and remediate proactive and reactive alerts. This capability extends the impact of…
European Commission Cites Competition Concerns Over Amazon’s iRobot Deal
Despite reports deal would be approved, European regulators hand Amazon statement of objections to iRobot acquisition This article has been indexed from Silicon UK Read the original article: European Commission Cites Competition Concerns Over Amazon’s iRobot Deal