New Malware Can Kill Engineering Processes in ICS Environments
Forescout identified a new type of malware capable of terminating engineering processes, used to target Siemens engineering workstations Read More
Crypto-Hackers Steal $2.2bn as North Koreans Dominate
Mainly North Korean hackers stole over $2bn from crypto platforms in 2024, says Chainalysis Read More
Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment”
Cybersecurity firm Recorded Future has been listed as an “undesirable” organization by the Prosecutor General's Office of the Russian Federation Read More
LSN-0108-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog...
Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack
A Morphisec researcher showed how an attacker could manipulate FIRST’s Exploit Prediction Scoring System (EPSS) using AI Read More
Interpol Calls for an End to “Pig Butchering” Terminology
Interpol wants to change the term “pig butchering” to “romance baiting” Read More
ZDI-24-1712: Tibbo Aggregate Network Manager UploaderTempFileController Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tibbo Aggregate Network Manager. Authentication is required to exploit this vulnerability. The...
ZDI-24-1713: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability...
ZDI-24-1714: Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability...
ZDI-24-1715: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability...