CISA released seven Industrial Control Systems (ICS) advisories on June 27, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-179-01 TELSAT marKoni FM Transmitter ICSA-24-179-02 SDG Technologies PnPSCADA ICSA-24-179-03 Yokogawa FAST/TOOLS and CI Server ICSA-24-179-04 Johnson Controls Illustra…
Disponibile un Proof of Concept (PoC) per la CVE-2024-5276 – già sanata dal vendor – presente in Fortra FileCatalyst Workflow, portale web per la gestione dei file condivisi in ambito aziendale. Tale vulnerabilità – di tipo “SQL Injection”, con score CVSS v3.x pari a 9.8…
Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following bulletin and apply the necessary updates: MOVEit Transfer…
Elastic NV rilascia aggiornamenti di sicurezza per sanare una vulnerabilità con gravità “alta” che interessa il prodotto Elastic Cloud Enterprise. Tale vulnerabilità interessa le modalità di creazione delle API Key le quali, in determinate condizioni, permetterebbero la generazione arbitraria di nuove chiavi con privilegi elevati…
FortiGuard Labs uncovers MerkSpy, a new spyware exploiting CVE-2021-40444 to steal keystrokes and sensitive data. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
Today, CISA, in partnership with the Federal Bureau of Investigation, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, released Exploring Memory Safety in Critical Open Source Projects. This guidance was crafted to provide organizations with findings on the scale of memory…
Disponibile un Proof of Concept (PoC) per la CVE-2024-5806 – già sanata dal vendor – presente nella soluzione per il trasferimento file MOVEit Transfer di Progress. Tale vulnerabilità, qualora sfruttata, potrebbe permettere, ad un utente malevolo remoto, il bypass dei meccanismi di autenticazione sui sistemi…
Cybersecurity threats are increasingly leveraging cloud services to store, distribute, and establish command and control (C2) servers. Over the past month, FortiGuard Labs has been monitoring botnets that have adopted this strategy. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
