ICS Network Controllers Open to Remote Exploit, No Patches Available

April 18, 2024 at 04:33PM CISA issued a security advisory warning of vulnerabilities in Unitronics Vision Series PLCs and Mitsubishi Electric MELSEC iQ-R CPUs. Unitronics PLCs store passwords in a recoverable format, leaving them open to cyberattacks. Mitsubishi CPUs transmit passwords in cleartext and have flaws that could compromise device access. The advisory recommends defensive … Read more

Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking

February 21, 2024 at 10:41AM VMware has urged network administrators to remove an out-of-date plug-in for its VSphere due to two critical flaws — CVE-2024-22245 and CVE-2024-22250. These vulnerabilities allow attackers to hijack cloud computing sessions. The company has released a security advisory with instructions on removal, as the plug-in is no longer supported. VMware … Read more