Google Warns of Exploited Chrome Vulnerability

August 27, 2024 at 06:24AM Google warns of an in-the-wild exploited bug, tracked as CVE-2024-7965, in Chrome 128.0.6613.84. A flawed implementation in the V8 JavaScript engine allows remote attackers to exploit heap corruption through crafted HTML pages, potentially executing code or accessing sensitive information. The US CISA added the bug to the Known Exploited Vulnerabilities catalog, urging …

SolarWinds left critical hardcoded credentials in its Web Help Desk product

August 22, 2024 at 06:48PM SolarWinds acknowledged a critical security flaw (CVE-2024-28987) in its Web Help Desk (WHD) product, affecting versions 12.8.3 HF1 and earlier. The flaw allows unauthenticated attackers to manipulate sensitive data. An update, HF2, has been released to address the issue. Another critical vulnerability (CVE-2024-28986) has also been identified, with exploitation potential …

Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers

August 2, 2024 at 08:12AM Rockwell Automation’s Logix programmable logic controllers (PLCs) were found to have a high-severity security bypass vulnerability by Claroty. The flaw, tracked as CVE-2024-6242, impacts ControlLogix 1756 devices and other controllers. Both Rockwell and CISA issued advisories and released patches. Exploitation requires network access to the targeted device, presenting serious implications. …

Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit

July 29, 2024 at 04:55PM A threat actor claims to have acquired email addresses and hashes from over 105 breached ServiceNow databases by exploiting two critical vulnerabilities, CVE-2024-4879 and CVE-2024-5217. The U.S. CISA has added the bugs to its exploited vulnerabilities catalog, and attacks are expected to escalate. ServiceNow has issued hotfixes for the flaws. …

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

June 28, 2024 at 04:39AM Multiple security flaws in Emerson Rosemount gas chromatographs, impacting versions 4.1.5 and prior, have been disclosed. Claroty identified command injection, authentication, and authorization vulnerabilities, enabling attackers to execute arbitrary commands and access sensitive information. Emerson has released updated firmware to address these issues and advises following cybersecurity best practices …

CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities

June 25, 2024 at 09:48AM US cybersecurity agency CISA is warning high-risk chemical facilities to secure their online accounts after a breach in its Chemical Security Assessment Tool (CSAT) portal. The breach could have given unauthorized access to sensitive data on chemical facilities, such as dangerous chemicals stored and security vulnerabilities. CISA advised affected individuals …

Black Basta ransomware gang linked to Windows zero-day attacks

June 12, 2024 at 08:10AM The Black Basta ransomware operation exploited a Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day before a fix was available. Microsoft patched it on March 12, 2024. Symantec’s report links the exploit to Black Basta, with indications of its usage as a zero-day. This highlights the need to apply the …

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability

June 4, 2024 at 08:39AM CISA added an old Oracle WebLogic vulnerability, CVE-2017-3506, to its list of known exploited vulnerabilities. Chinese hackers have been using it to deploy cryptocurrency miners. Trend Micro reported that a China-based threat group, Water Sigbin, continues to exploit this vulnerability and another recent one. Their advanced techniques make detection and …

Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

May 22, 2024 at 08:42AM Rockwell Automation urges customers to disconnect industrial control systems not meant for public internet access due to heightened geopolitical tensions and cyber threats. The U.S. Cybersecurity and Infrastructure Security Agency supports this action, warning of malicious actors targeting operational technology assets. Research also highlights the susceptibility of PLCs to web-based …

Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution

May 22, 2024 at 07:42AM Claroty disclosed vulnerabilities in Honeywell’s ControlEdge Unit Operations Controller found by its researchers. The vulnerabilities in the ControlEdge Virtual UOC industrial automation controller include a critical-severity issue allowing arbitrary code execution without authentication, and a medium-severity absolute path traversal issue. Honeywell promptly issued patches and advisories regarding the …