From The source
Royal Ransomware Strikes Again: CISA and FBI Issue Urgent Cybersecurity Update
CISA and the FBI updated their advisory on Royal Ransomware, revealing new tactics and indicators. BlackSuit ransomware is targeting critical sectors like healthcare and government facilities. Network defenders, check the advisory for mitigation tips and head to #StopRansomware for further guidance.
Cisco IP Phones Vulnerabilities: Remote Hackers Can Take Over Devices, No Fixes Available
Cisco Small Business SPA300 and SPA500 Series IP Phones are vulnerable to remote command execution and DoS attacks due to unchecked HTTP packets. With CVSS scores of 9.8 and 7.5, these vulnerabilities allow attackers to execute commands or cause device reloads. No fixes or workarounds are available.
FBI and CISA’s New Guide: Your Secret Weapon Against Shoddy Software
CISA and the FBI have released the Secure by Demand Guide to help organizations ensure their software manufacturers prioritize secure technology from the start. This guide offers questions to ask when buying software and tips for integrating security into the procurement lifecycle.
GeoServer Under Siege: Vulnerability Scans Surge as Hackers Hone In
GeoServer, the go-to platform for geographic data, has new vulnerabilities that are causing quite a stir. Scans for GeoServer skyrocketed after the latest SQL exploit was discovered. Surprisingly, most scans hail from China, with the default “Home Page” URL being the most popular target.
CISA’s August 6 ICS Advisory: Unlocking New Levels of Cyber Paranoia
CISA released a new Industrial Control Systems advisory on August 6, 2024. Stay ahead of the hackers—review these advisories for crucial security details and mitigations!
Firefox Flaw: How Hackers Can Bypass Tracking Protection and CSP to Achieve XSS
Firefox’s Enhanced Tracking Protection may leave a shim in place of blocked scripts, but beware: a clever attacker might bypass strict-dynamic CSP using a DOM Clobbering attack, turning your secure site into an XSS playground.
Ransomware Hide and Seek: Top Tools and Tactics Exposed!
In December 2023, we stumbled upon an open directory filled with defense evasion scripts targeting antivirus and critical services. Threat actors used tools like Ngrok for proxy services and PoshC2 for command and control. The infrastructure has been active since September 2023, pointing to long-term malicious activity. Ten new sigma rules were created.
Why Your Web App Origin Might Just Be Your Nemesis: A Hilarious Guide
Johannes Ullrich dives into “Origin” in web applications with a video demo. Think Cross Origin Resource Sharing and Private Network Access, but with fewer yawns. Don’t miss this quirky yet informative take on web security!
AI Strikes Again: BOLABuster Uncovers Critical API Vulnerabilities!
BOLABuster leverages large language models to automate the detection of broken object level authorization (BOLA) vulnerabilities in APIs. This AI-driven methodology outperforms traditional tools, discovering significant vulnerabilities in Grafana, Harbor, and Easy!Appointments. Finally, AI is doing the heavy lifting while we sip our coffee!
Cloud Catastrophe: How Exposed .env Files Turned Into a Hacker’s Jackpot
Unit 42 researchers uncovered an extortion campaign exploiting exposed .env files to compromise multiple organizations. Using cloud misconfigurations, attackers scanned over 230 million targets, stealing sensitive data without encrypting it first. Remember, folks: if your .env files are exposed, your secrets aren’t safe.
Wireshark Lua Dissector: Transform Fixed Field Protocols into Comedy Bytes
In “A Wireshark Lua Dissector for Fixed Field Length Protocols,” Didier Stevens explains how to use a Lua dissector to parse TCP data. With the Wireshark 4.4.0 release, you can now configure fields like Function and Counter via custom columns, reducing the need for dissectors.
Adobe’s Security Fix Frenzy: Patch Now or Risk a Cyber Meltdown!
Adobe’s latest security updates tackle multiple vulnerabilities that could let cyber villains hijack your system. Stay safe and update now!
Ivanti’s Security Fix Bonanza: Patch Now or Hackers Will Party!
Ivanti has rolled out security updates to fix vulnerabilities in Virtual Traffic Manager, Neurons for ITSM, and Avalanche. CISA urges users to review Ivanti advisories and update pronto before cyber villains swoop in.
Rockwell Automation’s Pavilion8: Sensitive Data Exposed – Update Now!
Rockwell Automation’s Pavilion8 has a vulnerability due to missing encryption of sensitive data. This flaw could let cyber bandits view your precious data! Update to v6.0 or later to secure your software or follow best practices to avoid the data drama.
CISA’s ICS Advisory Overload: 10 New Vulnerabilities to Keep You Up at Night
CISA issued ten ICS advisories on August 13, 2024, detailing security vulnerabilities. Users and administrators should check these updates to stay ahead of potential exploits.
Siemens NX Security Alert: Out-of-Bounds Read Vulnerability Crashes and Code Execution Risks!
As of January 10, 2023, CISA no longer updates ICS security advisories for Siemens product vulnerabilities. For the latest on Siemens NX vulnerabilities, visit Siemens’ ProductCERT Security Advisories.
Siemens Security Alert: Weak Passwords and Vulnerable Encryption—Update Now or Risk Cyber Attacks!
Siemens’ Location Intelligence software is vulnerable to weak encryption and poor password policies, making it a hacker’s dream vacation spot. CISA won’t update advisories post-January 2023, so check Siemens’ ProductCERT for the latest scoop. Remember, update to V4.4 or later—because who wants a brute force party?
Siemens Devices Store Passwords in Plaintext: A Recipe for Disaster!
As of January 10, 2023, CISA will halt updates on ICS security advisories for Siemens product vulnerabilities beyond initial notifications. For the latest on these vulnerabilities, visit Siemens’ ProductCERT Security Advisories.
Siemens SINEC Traffic Analyzer Vulnerabilities: A Hacker’s Dream Playground!
CISA will stop updating ICS security advisories for Siemens products from January 10, 2023. For the latest on vulnerabilities, visit Siemens’ ProductCERT Security Advisories. The Siemens SINEC Traffic Analyzer is particularly vulnerable, so update to the latest version before hackers make your network their playground.
Siemens Security Flaws: Out-of-Bounds and Null Pointer Nightmares!
Starting January 10, 2023, CISA will stop updating ICS security advisories for Siemens product vulnerabilities. For current details, check Siemens’ ProductCERT Security Advisories. So, when your Siemens software screams “update me,” remember—it’s not just needy; it’s necessary!
