When you read reports about cyber-attacks affecting operational technology (OT), it’s easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the
U.S. Sanctions Russians Behind ‘Doppelganger’ Cyber Influence Campaign
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations.
Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and
Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and
Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver
On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car. […]
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats.
Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6.
“An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6.
“An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction.
Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it’s rooted in a dependency called org.postgresql:
Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it’s rooted in a dependency called org.postgresql:
New Windows Server updates cause domain controller crashes, reboots
The March 2024 Windows Server updates are causing some domain controllers to crash and restart, according to widespread reports from Windows administrators. […]
Spa Grand Prix email account hacked to phish banking info from fans
Hackers hijacked the official contact email for the Belgian Grand Prix event and used it to lure fans to a fake website promising a €50 gift voucher. […]
New ‘Loop DoS’ attack may impact up to 300,000 online systems
A new denial-of-service attack dubbed ‘Loop DoS’ targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic. […]
GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security (GHAS) customers […]
Ivanti fixes critical Standalone Sentry bug reported by NATO
Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. […]